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QUESTION 1 

Which mechanism does GET VPN use to preserve IP header information? 

A. IPsec tunnel mode 

B. GRE 

C. MPLS 

D. IPsec transport mode 

Answer: A 


QUESTION 2 

Refer to the exhibit. Which routes are advertised by the router? 


router bgp 
neighbor 
neighbor 
neighbor 
neighbor 
neighbor 

; 


65500 

LocalSite 

LocalSite 

LocalSite 

LocalSite 

LocalSite 


ebgp-multihoD 2 
update-source Loopback 0 
next-hop-self 
route-map CheckCommunity 
route-map CPodPeer out 


in 


route-map CPodPeer permit 10 
match as-path 1 

i 

route-map CPodPeer permit 15 
match as-path 33 

i 

route-map CpodPeer deny 30 

I 

ip as-path access-list 1 permit $ 
ip as-path access-list 33 permit _65006$ 
| 


A. No routers 

B. BGP routes that originated from AS 65006 and BGP routes that originated on this router 

C. All routers 

D. BGP routers sourced on this router 

E. BGP routes that originated on RT1 

Answer: B 


QUESTION 3 

For what reason might you choose to use an SVTI interface instead of a crypto map on a tunnel 
interface? 

A. SVTIs support dynamic routing protocols without GRE headers. 

B. SVTIs can support multiple IPSec SAs. 

C. SVTIs can carry non-IP traffic. 

D. SVTIs support CEF-switched traffic shaping. 
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Answer: A 


QUESTION 4 

Refer to the exhibit. Which two statements about the output are true? (Choose two) 


LD/RD 
1/2148270086 


RH/RS 
Up 


State 

Up 


Int 

Gi 0/3 


[RTl#sh bfd neighbors detail 

I IPv4 Sessions 

JWeighAddr 

pass* as- - -tfss'ssu-. 

IOurAddr: 10.129.95.198 
lHandle: 1 

1 Local Diag: 0, Demand mode: 

I Received MinRxInt ^999000^ * Rece^^^d “ u J 1:i P li ® r : 3 

Tx Count: 214341b' Tx min/m ^/avg: 816/1016/917 last: 306 ms ago 

I Elapsed time watermarks nTrt (l ”!! min/max/avg: 4/1266/878 last: 476 ms ago 
1^istered protocols : BGP ' 


0 * Po11 bit: 0 
999000, Multiplier: 3 


Uptime: 3w0d 
Last packet: Version: 1 - Dxagnostic: 
1 State bit: Up 

Pol 1 bit: 0 

C bit: 1 

Mu1tipiier: 3 

M^vDiser.: 2148270086 
Min tx interval: 999000 

Min Echo interval: 0 


- Demand bit: 0 

Final bit: 0 

Length: 24 

- Your Discr.: 1 

“ Min rx interval: 


999000 


A. BFD last failed 476ms ago on interface GigabitEthernet 0/3. 

B. BGP on RT1 has negotiated the BFD capability with its peer. 

C. BFD is active on interface GigabitEthernetO/3 and is using ICMP. 

D. BFD is active on interface GigabitEthernetO/3 and is using UDP. 

E. BFD is active for BGP on RT1 

Answer: DE 


QUESTION 5 

Which two statements about PPP PAP are true? (Choose two) 

A. It requires two-way authentication. 

B. It can protect against playback attacks. 

C. It is supported only on synchronous interfaces. 

D. It is vulnerable to trial-and error attacks. 

E. Login attempts are controlled by the remote node. 

Answer: DE 


QUESTION 6 

In a simple MPLS L3VPN, which two tasks are performed by the PE router? (Choose two.) 

A. It establishes pseudo wires with other PEs. 

B. It exchanges VPNv4 and VPNv6 routes with CE Devices. 

C. It assigns labels to routes in individual VPNs. 

D. It forwards labeled packets to CE devices. 

E. It exchanges VPNv4 or VPNv6 route with other PE routers. 
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Answer: CE 


QUESTION 7 

What are the two BFD modes? (Choose two) 

A. active 

B. asynchronous 

C. passive 

D. established 

E. demand 

F. synchronous 

Answer: BE 


QUESTION 8 

Which statement about the default QoS configuration on a Cisco switch is true? 

A. All traffic is sent through four egress queues. 

B. Port trust is enabled. 

C. The Port Cos value is 0. 

D. The Cos value of each tagged packet is modified. 

Answer: C 


QUESTION 9 

Which two statements about IPv4 and IPv6 networks are true? (Choose two.) 

A. In IPv6, hosts perform fragmentation. 

B. IPv6 uses a UDP checksum to verify packet integrity. 

C. In IPv6, routers perform fragmentation. 

D. In IPv4, fragmentation is performed by the source of the packet. 

E. IPv4 uses an optional checksum at the transport layer. 

F. IPv6 uses a required checksum at the network layer. 

Answer: AB 
Explanation: 

https://www.dsco.com/c/en/us/td/docs/routers/asr9000/software/asr9k_r4- 
3/addr_serv/configuration/guide/b_ipaddr_cg43xa9k/b_ipaddr_cg42a9k_chapter_01000.pdf 


QUESTION 10 

Refer to the exhibit. If R1 generated this response to the show debug command, which statement 
about its debug its debug output is true? 
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HI tallow debug 

Condition 1: interface Fa0/0 (1 flags triggered) 

Flags: Fa0/0 

Condition 2: ip 192.168.12.1 (0 flags triggered) 

Condition 3: username cisco (0 flags triggered) 


A. After interface FaO/O becomes active, the router is allowed to generate debug output. 

B. When debug output is generated, only the user cisco is permitted to view it. 

C. R1 generates debug output as soon as IP address 192.168.0.0 is applied to interface FaO/O. 

D. Ffl generates debug output as soon as all three conditions are met. 

Answer: A 


QUESTION 11 

Which two EtherChannel modes can create an LACP EtherChannel ? 

A. on 

B. active 

C. passive 

D. auto 

E. desirable 

Answer: BC 


QUESTION 12 

Which command can you enter to disable logging for terminal lines? 

A. no logging trap 

B. no logging monitor 

C. no logging buffer 

D. no logging console 

E. no logging count 

Answer: B 


QUESTION 13 

Which two options are purposes of MSDP SA filtering? (Choose two.) 

A. to allow the filtering of PIM messages between peers 

B. to allow all SA message to be processed by MSDP peers 

C. to improve the scalability of an MSDP multicast environment 

D. to reduce the number of multicast address that are shared to MSDP peers 

E. to allow the filtering of IGMP messages between peers 

F. to reduce the number of multicast address that are distributed to other devices in the same 
multicast domain 
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Answer: CD 


QUESTION 14 

Which options is the default LACP load-balancing algorithm for IP traffic on Layer 3? 

A. the source and destinnation IP port 

B. the destination IP port 

C. the source and destination IP address 

D. the destination Porte 

E. the source IP port 

Answer: C 


QUESTION 15 

Refer to the exhibit. Which network script automation option or tool is used in the exhibit? 


from socket import socket 

del gel conhg<dev,ce. username, password): 
my socket = socket() 


A. EEM 

B. Python 

C. Bash script 

D. NETCONF 

E. REST 

Answer: B 


QUESTION 16 

Refer to the exhibit. Which two effects of this configuration are true? (Choose two.) 


Switch(conrtg)| ml n qoa srr-qurur input, priority (jurue 3 bandwidth 0 
^witch(condq) t mis qon srr-qurup input bandwidth 4 3 


A. The priority queue is disabled. 

B. Queue 1 is allocated 4 percent of the available bandwidth and queue 2 is allocated 2 percent of 
the available bandwidth. 

C. Queue 1 is a priority queue that is allocated 1/3 of the available bandwidth. 

D. Queue 1 is served twice as fast as queue 2. 

E. Queue 1 is a priority queue that is allocated 2/3 of the available bandwidth. 

F. Queue 2 is served twice as fast sa queue 1. 

Answer: AD 

QUESTION 17 
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Which three statements are true about the spanning-tree loop guard feature? (Choose three) 

A. Loop guard affects UplinkFast operation. 

B. Loop guard can be enabled on PortFast ports. 

C. Loop guard operation is not affected by the spanning-tree timers. 

D. Loop guard must be enabled on point-to-point link only. 

E. Loop guard cannot be enabled on a switch that also has root guard enabled. 

F. Loop guard can detect a unidirectional link in the same way as UDLD. 

Answer: CDE 

QUESTION 18 

Refer to the exhibit. Which statement about the 192.168.100.0/24 destination network is true? 


Rlfah ip ncirp top all 

IP-EIGRP Topol o<ty Table for AS< lOO)/ID<192.168.13.1) 

Codra: P Passive, A Active, 11 Update, 0 - Ourry, R Reply, 
r ~ r*ply Status, s at a Status 
P 192. 168. 100.0/24, 1 aucceaaora, FI) is 404601), serno S 

via 192.168.13.3 < >109600/ 1 282S6 ) , rastfT themetO/1 
via 192.168.12.2 (43S200/409600) , FastKthernetO/ll 


A. The Reported Distance for the Successor is 128256. 

B. The metric installed into the route table is 435200. 

C. he metric installed into the route table is 128256. 

D. The Reported Distance for the Feasible Successor is 409600. 

Answer: A 


QUESTION 19 

Which statement about STP port states is true? 

A. A port in the blocking state remains in that state for 30 seconds before transitioning to the 
listening state. 

B. Listening and learing are transtory port states that use the forward delay timer. 

C. When a port transitions to the learning state, it can send and receive data frames. 

D. A port in the blocking state learns address and receives BPDUs. 

Answer: B 


QUESTION 20 

Which two statements are true about an EVPL? (Choose two.) 

A. It has a high degree of transparency. 

B. It does not allow for service multiplexing. 

C. The EVPL service is also referred to as E-line. 

D. It is a point-to-point Ethernet connection between a pair of UNIs. 

Answer: CD 
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QUESTION 21 

Which OpenStack component implements role-based access control? 

A. Horizon 

B. Nova 

C. Neutron 

D. Keystone 

Answer: D 

QUESTION 22 

Refer to the exhibit. R2 is configured as the R1 neighbor in area 51, but R2 fails to receive the 
configured summary route. 

Which action can you take to correct the problem? 


R1 

interface LoopbackO 

ip address 10.1.1.1 255.255.255.0 
ip ospf 1 area 0 
ip ospf network point-to-point 
interface GigabitEtherietO/O 

ip address 192.168.252.1 255.255.255.252 
ip ospf 1 area 0 
interface GigabitEthernetl/O 

ip address 172.16.252.1 255.255.255.252 
ip ospf 1 area 51 
router ospf 1 

router-id 10.1.1.1 

summary-address 192.168.0.0 255.255.0.0 


A. Replace the summary-address command with the area-range command. 

B. Configure a summary address under R1 interface GigabitEthernet0/0. 

C. Configure a summary address under R1 interface GigabitEthernetl/O. 

D. Configure the no discard-route command in the OSPF process of R1. 

E. Configure ip ospf network broadcast under the LoopbackO interface of R1. 

Answer: A 


QUESTION 23 

Which two conditions must be met before IS-IS Level 1 routers will become adjacent?(Choose 
two.) 

A. The routers must share a common Autonomous System Number. 
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B. The router must share a common process ID. 

C. The router must be in different areas. 

D. The routers must share a common network segment. 

E. The routers must be configured with the neighbor command. 

F. The routers must be in the same area. 

Answer: DF 


QUESTION 24 

Which two statements are true about control plane policing? (Choose two.) 

A. Control plane policing will affect only traffic that is destined to the route processor. 

B. Access lists that are used in policies for control plane policing must not use the log keyword. 

C. Access lists that use the deny rule in control plane policing do not progress to the next class. 

D. The log keyword can be used but the log-input keyword must not be used in policing. 

Answer: AB 


QUESTION 25 

Which three pieces of information are carried on OSPF type 3 LSAs? (Choose three) 

A. metric 

B. authentication type 

C. link state 

D. IP subnet 

E. external route tag 

F. subnet mask 

Answer: ACF 


QUESTION 26 

Your NetFlow collector is not working due to a large amount of traffic entering your network which 
is destined to a single IP address. 

Which NetFlow feature allows you to collect the top source hosts for this traffic on the local 
router? 

A. NetFlow can export flows only to a extermal flow collector 

B. show ip cache flow 

C. ip accounting 

D. ip flow-top-talkers 

Answer: D 


QUESTION 27 

Refer to the exhibit. R1, R2 and R3 are in different satelite offices of the same prganization. 

A multicast video source is located behind R1 .R3 frequently receives video streams intend for R2. 
These streams saturate the available bandwidth of R3. 

Which configuration change can alleviate the congestion on R3? 
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A. Configure R3 to send an immediate-leave message when necessary to stop receiving unwanted 
traffic. 

B. Configure IGMP snooping on R1, R2, and R3. 

C. Place a PIM filter on the switches and interfaces that connect to R1, R2, and R3. 

D. Enable IGMP snooping on all switches that connect to R1, R2, and R3. 

E. Place a PIM filter on the switch and interface that connect to R1 only. 

Answer: D 


QUESTION 28 

With which protocol is CoAP designed to be used? 

A. TCP 

B. SNMP 

C. UDP 

D. XMPP 

Answer: C 


QUESTION 29 

Which two solutions can reduce UDP latency? (Choose two.) 

A. fast retransmission 

B. fast recovery 

C. low-latency queuing 

D. IP service level agreements 

E. congestion-avoidance algorithm 
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Answer: CD 
Explanation: 

In the actual exam, if becomes single choice question just choose C. 


QUESTION 30 

Which three statements describe the characteristics of a VPLS architecture? (Choose three.) 

A. It forwards Ethernet frames. 

B. It maps MAC address destinations to IP next hops 

C. It supports MAC address aging. 

D. It replicates broadcast and multicast frames to multiple ports. 

E. It conveys MAC address reachability information in a separate control protocol. 

F. It can suppress the flooding of traffic. 

Answer: ACD 


QUESTION 31 

Which command address learning on the configures port security on a switch to enable 
permanent MAC interface? 

A. switchport port-security mac-address-learning enable 

B. switchport port-security mac-address timer 0 

C. switchport port-security mac-address sticky 

D. switchport port-security mac-address maximum 1 sticky 

E. switchport port-security mac-address permanent 

Answer: C 


QUESTION 32 

Refer to the exhibit. Which two statements can this output verify? (Choose two) 


EIGRP-IPv4 neighbors Cor process 59 


Adctrrn;* 


Interface 


192*168.252.8 Oil/I3 
Restart time 00:00:24 

Version 12.2/3.0, Petrans: 1, Petries 
Topology-ida from peer - 0 


Hold Uptime 
(sec) 

14 00:00:28 


SRTT 

(ms) 

1 


RTO Q 5eq 
Cnt Hum 
200 0 5 


A. The device will wait 200 ms before retransmitting an EIGRP packet. 

B. The device must receive an EIGRP packet within 24 seconds to maintain a neighbor relationship. 

C. The EIGRP neighbor has been up for 28 seconds. 

D. The device must receive an EIGRP packet within 28 seconds to maintain a neighbor relatio nship. 

E. The device will tear down and restart its EIGRP process in 24 seconds. 

F. The EIGRP neighbor has been up for 28 ms. 

Answer: AC 
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QUESTION 33 

Which option describes the purpose of the as-set argument of the aggregate-address command? 


router b<jp 64 496 

no aynchronizotlon 

bop log-neiqhbor-changea 

(njqreqate-addreaa 10 . 0 . 0.0 255 . 0 . 0.0 aa-aet suasmary-only 
neighbor 192 . 168 . 1.2 rciaote-aa 64497 
neighbor 192 . 168 . 2.2 rcnote-aa 64498 
neighbor 192 . 16 e . 3.2 renote-sa 64499 
no auto aunaary 


A. It provides an AS path in the aggregate advertisement that contains only the local AS number. 

B. It provides a predefined AS path in the aggregate advertisement that is used to indicate an 
aggregate prefix. 

C. It provides an AS path in the aggregate advertisement that includes the AS numbers of the 
component members. 

D. It provides a list of AS numbers top which the aggregate is advertised. 

Answer: C 


QUESTION 34 

Refer to the exhibit. The route-map wan2site is being used for redistributing BGP routes into the 
eigrp 28 process. 

Which option best describes the resulting redistribution of routes? 



A. policy routing matches 0 packets means that there are no matches and no routes are being 
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redistributed 

B. all routes are being redistributed with a metric and a tag 

C. The deny sequence 5 is preventing any routes from and a tag 

D. a default routes is being redistributed with a metric and a tag 

Answer: C 


QUESTION 35 

Which two features are incompatible with Loop Guard on a port? (Choose two.) 

A. Root Guard 

B. PortFast 

C. UplinkFast 

D. BackboneFast 

E. BPDU skew detection 

Answer: AB 


QUESTION 36 

Refer to the exhibit. Which statement about the R1 multicast network environment is true? 



A. RPF builds the topology using the unicast data for source address 10.1.108.10. 

B. A static mroute configured to point multicast traffic for 10.30.30.32 through Ethernet 1/0. 

C. RPF uses the OSPF 100 table for source address 10.1.108.10. 

D. The default mroute uses Tunnel 10 as the exit interface for 10.1.108.10. 

Answer: D 


QUESTION 37 

Refer to the exhibit. R1 has an OSPF path to R2 and R3 for 10.1.0.0/24, but R1 has a routing 
entry for 10.1.0.0/24 from only one router at a time. 

Which option is the most likely cause? 
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10 0 0 0/24 



A. The R1 maximum-path is set to 1. 

B. R2 has a higher administrative distance. 

C. R2 is using a filter list. 

D. R2 is using an offset-list. 

Answer: A 


QUESTION 38 

Refer to the exhibit. The router sets local-preference to which option when it receives a BGProute 
with a comminty string 1000:130 from a neighbor in the LocalSite peer-group? 
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router bgp 65500 

neighbor LocalSite peer-group 

neighbor LocalSite ebgp-multihop 2 

neighbor LocalSite update - source LoopbackO 

neighbor LocalSite next-hop-self 

neighbor LocalSite route-map CheckCommunity in 

neighbor LocalSite route-map CPodPeer out 

i 

route-map CheckCouuuunity permit 8 
match community 8 
set local-preference 80 

route-map CheckCouuuunity permit 10 
match community 1 
set local-preference 110 

i 

route-map CheckCouuuunity permit 30 
{ 

ip community-list 1 permit 1000:100 
ip community-list 3 permit 1000:130 
ip community-list 8 permit 1000:80 


A. 80 

B. 110 

C. 130 

D. no setting 

E. the default value 

Answer: E 


QUESTION 39 

Refer to the exhibit. Which routes are advertised by the router? 


Get Latest & Actual Amazon Exam's Question and Answers from Passleader. 


http://www.passleader.com 


15 















Pass Leader* 

Leader of IT Certifications 



A. No routers 

B. All routers 

C. BGP routes from AS 65006 and BGP routes sourced on this router 

D. BGP routers sourced on this router 

E. BGP routes from AS 65006 

Answer: C 


QUESTION 40 

You are configuring CoS-to-DSCP mappings with three requirements: 

- COS 1 must be translated into AF13. 

- COS 2 must be translated into AF22. 

- COS 5 must be translated into EF. 

Which configuration command can you use to implement the requirements? 

A. mis qos map cos-dscp 0 10 18 24 32 46 48 56 

B. mis qos map cos-dscp 0 12 18 24 32 46 48 56 

C. mis qos map cos-dscp 0 14 20 24 32 46 48 56 

D. mis qos map cos-dscp 0 12 18 24 32 40 46 56 

Answer: C 


QUESTION 41 

Which three of the following security controls would you take into consideration when 
implementing loT capabities? (Choose three.) 
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A. Layered Security Appoach. 

B. Place security above functionality. 

C. Define lifecycle controls for loT devices. 

D. Privacy impact Assessment. 

E. Change passwords every 90 days. 

F. Implement Intrusion Detection Systems on loT devices. 

Answer: ADE 


QUESTION 42 

Which EIGRP feature allows the use of leak maps? 

A. offset-list 

B. neighbor 

C. address-family 

D. stub 

Answer: D 


QUESTION 43 

Refer to the exhibit. Which IPv6 OSPF network type is applied to interface Fa0/0 of R2 by 
default? 



A. broadcast 

B. Ethernet 

C. multipoint 

D. point-to-point 

Answer: A 


QUESTION 44 

Which option describes the characteristics of a public Infrastructure as a Serveice cloud service 
model? 

A. It is a way of delivering cloud-computing infrastructure (servers, storage, network, and operating 
systems) as an on-demand service. 

B. It is a cloud service where the underlying hardware is managed by the cloud service provider. 
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C. It is a cloud-computing platform that facilitates the creation of web applications without the need 
to maintain the supporting software applications. 

D. It is a cloud-computing platform that facilitates the creation of web applications without the need 
to maintain the supporting software operating systems. 

Answer: A 


QUESTION 45 

Which effect of configuring the passive-interface S0/0 command under the EIGRP routing 
process is true? 

A. It prevents EIGRP neighbor relationships from being formed over interface S0/0. 

B. It configures interface S0/0 to send hello packets with the passive-interface bit set. 

C. It configures interface S0/0 to suppress all outgoing routing updates. 

D. It configures interface S0/0 to reject all incoming routing updates. 

Answer: A 


QUESTION 46 

What is the default IS-IS interface metric on a Cisco router? 

A. 255 

B. 64 

C. 10 

D. 128 

Answer: C 


QUESTION 47 

Which two items must be defined to capture packet data with the Embedded Packet Capture 
feature? (Choose two.) 

A. the capture rate 

B. the capture point 

C. the capture buffer 

D. the buffer memory size 

E. the capture filter 

F. the capture file export location 

Answer: BE 


QUESTION 48 

When you configure an IPv6 IPsec tunnel, which two fields can represent the ISAKMP identity of 
a peer? (Choose two) 

A. Authentication method 

B. DH group identifier 

C. Hostname 

D. IPv6 address 
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E. Encryption algorithm 

Answer: CD 


QUESTION 49 

Which action enables passive interfaces in RIPv6(RIPng)? 

A. Use "passive-interface default" under the routing process. 

B. Enable passive-interface on interface configuration. 

C. passive interface are not supported in RIPng. 

D. Enable passive-interface for each interface under the routing process. 

Answer: C 


QUESTION 50 

Which statement is true about IGMP? 

A. Multicast sources send IGMP messages to their first-hop router, which then generates a PIM join 
message that is then sent to the RP. 

B. Multicast receivers send IGMP messages to their first-hop router, which then forwards the IGMP 
messages to the RP. 

C. IGMP messages are encapsulated in PIM register messages and sent to the RP. 

D. Multicast receivers send IGMP messages to signal their interest to receive traffic for specific 
multicast groups. 

Answer: D 


QUESTION 51 

Which two Cisco Express Forwarding tables are located in the data plane? (Choose two.) 

A. the label forwarding information base 

B. the forwarding information base 

C. the label information table 

D. the IP routing table 

E. the adjacency table 

Answer: BE 
Explanation: 

http://www.cisco.eom/c/en/us/td/docs/ios/12_2/switch/configuration/guide/fswtch_c/xcfcef.html 


QUESTION 52 

What does the DIS on a LAN periodically transmit in multicast to ensure that the IS-IS link-state 
database is accurate? 

A. ISH 

B. CSNP 

C. IIH 

D. PSNP 

E. LIP 
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Answer: B 


QUESTION 53 

Which two statements about DMVPN with NHRP are true? (Choose two) 

A. NHRP shortens the configuration of the hub router. 

B. NHRP dynamically provides information about the spoke routers to the hub. 

C. NHRP disables multicast 

D. The hub router uses NHRP to initiate the GRE tunnel with spokes. 

E. The spoke routers act as the NHRP servers. 

Answer: AB 


QUESTION 54 

Refer to the exhibit. Which two options are effects of this configuration when the router is unable 
to reach the TACACS+ server? (Choose two.) 



A. Users cannot log in ti the router 

B. Users can log in to the router EXEC mode without entering a password. 

C. Users can log in to the router user EXEC mode with the username ciscol and the password 

cisco2. 

D. Users can log in to the router privileged EXEC mode with the username ciscol and the password 
cisco2. 

E. Users can log in to the router privileged EXEC mode without entering a password. 

F. Users can log in to the router privileged EXEC mode without a username and with the password 

cisco3. 

Answer: BF 

QUESTION 55 

Refer to the exhibit. Which configuration must you apply to a router so that it can generate a log 

message in the given format? 
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A. service sequence-numbers 

B. service timestamps log datetime 

C. service timestamps log uptime 

D. service alignment logging 

Answer: C 


QUESTION 56 

Refer to the exhibit. When traffic marked as CoS 5 arrives on the switch, what DSCP value does 
the switch apply? 



A. 0 

B. 32 

C. 40 

D. 46 

E. 48 

Answer: B 


QUESTION 57 

Which feature provides local database policy options that are similar to those of TACACS+ and 
RADIUS servers? 

A. authentication fallback 

B. reflexive ACLs 

C. AAA attributes 

D. 802.lx 

Answer: D 


QUESTION 58 
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Which two statements about IGMP are true?(Choose two.) 

A. IGMPv2 supports explicit source signaling. 

B. IGMPv3 is the first version of IGMP to support a basic query-response mechanism. 

C. IGMPv2 supports IGMP querier election. 

D. IGMPvl supports group-specific queries. 

E. IGMPv3 uses 224.0.0.22 as destination address for reports. 

Answer: CE 


QUESTION 59 

Refer to the exhibit. How is voice traffic entering this router on interface GigabitEthernetO/O being 
handled by the shown marking policy? 



A. Any traffic matching access-list voice is trusted and marking is not changed. 

B. All voice is being set to DSCP 0 

C. All voice is being set to AF21 

D. Any traffic matching access-list voice is set to EF 

Answer: A 


QUESTION 60 

Refer to the exhibit. After you configure the given IP SLA on a Cisco router, you note that the 
device is unable to fialover to the backup route even when pings to 10.12.34.5 fail. 
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A. Change the ip route 0.0.0.0 0.0.0.0 192.168.1.153 200 command to ip route 0.0.0.0 0.0.0.0 
192.168.1.153 12. 

B. Change the ip sla schedule 12 life forever start-time now command to ip sla schedule 12 life 
forever start-time 00:12:00. 

C. Change the track 12 ip sla 12 state command to track 12 ip sla 12 reachability. 

D. Change the frequency 2 command to frequency 12. 

Answer: C 


QUESTION 61 

Which IPv6 migration method relies on dynamic tunnels that use the 2002::/16 reserved address 
space? 

A. 6RD 

B. 6to4 

C. ISATAP 

D. GRE 

Answer: B 


QUESTION 62 

Which keychain cryptographic algorithm is supported by the IS-IS routing protocol? 

A. HMAC-SHA1-20 

B. HMAC-SHA1-12 

C. HMAC-MD5 

D. MD5 

Answer: C 


QUESTION 63 

What feature can a device use to identify other members of the same IPv6 multicast group on a 
network segment? 
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A. MLD 

B. MSDP 

C. source-specific multicast 

D. rendezvous points 

Answer: A 


QUESTION 64 

Which two statement about the EIGRP Over the Top feature are true?(Choose two.) 

A. EIGRP routers traffic between the PE devices. 

B. Traffic is LISP-encapsulated on the control plan 

C. The neighbor command must be configured with LISP encapsulation on wach CE devic 

D. The network statement must be configured on each PE device to connect separate EIGRP sites. 

E. The network statement must be configured on each CE device to connect separate EIGRP sites. 

F. Traffic is LISP-encapsulated on the data plan 

Answer: CF 


QUESTION 65 

Which marking field is used only as an internal marking within a router? 

A. QOS Group 

B. Discard Eligiblity 

C. IP Precedence 

D. MPLS Experimental 

Answer: A 


QUESTION 66 

Which two statements about lANA-reserved addresses are true?(Choose two.) 

A. The prefix FF9::/32 is reserved for source-specific multicast on IPv6. 

B. The address range 239.0.0.0/8 is reserved for source-specific multicast on IPv4. 

C. The address range 232.0.0.0/8 is reserved for source-specific multicast on IPv4. 

D. The prefix FF3x::/32 is reserved for source-specific multicast on IPv6. 

E. The address range 225.0.0.0/8 is reserved for source-specific multicast on IPv4. 

F. The prefix FF00::/32 is reserved for source-specific multicast on IPv6. 

Answer: CD 


QUESTION 67 

Refer to the exhibit. Which configuration must you apply to a router so that it can generate a log 
message in this format? 


00023: *Jan 3 01:45:35.895 UTC: %SYS-5-C0NFIG_I: Configured from 
console by console 
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A. service timestamps log datetime localtime show-timezoneservice sequence-numbers 

B. service timestamps log datetime msec localtimeservice sequence-numbers 

C. service timestamps log datetime msec localtime show-timezoneservice alignment logging 

D. service timestamps log datetime msec localtime show-timezoneservice linenumber 

E. service timestamps log datetime msec localtime show-timezoneservice sequence-numbers 

Answer: E 


QUESTION 68 

Which two commands should you enter to enable IP Source Guard with IP and MAC address 
filtering? (Choose two) 

A. ip verify source tracking 

B. switch port port-security 

C. ip verify unicast source 

D. ip verify source 

E. ip verify source port-security 

Answer: AE 


QUESTION 69 

Which two statements about IP source guard are true? (Choose two.) 

A. It must be applied to EtherChannel port members. 

B. It is available only on L2 ports. 

C. It is supported in software only. 

D. It is not supported on private VLANS. 

E. It blocks DHCP packets. 

Answer: BD 


QUESTION 70 

Which two statements about IS-IS neighbor adjacencies are true?(Choose two.) 

A. Each device must have the same 6-type system ID. 

B. Neighboring devices must have the same level. 

C. If the ignore-mtu command is configured on both devices, the devices can have different MTU 
settings. 

D. Each device's 4-type router ID must be unique. 

E. Level 1 devices must be in the same area. 

Answer: BE 
Explanation: 

An IS-IS router establishes separate adjacencies with its neighbors running on the same level. 
Level 1 adjacencies are created only between routers with the same area identifier.8 G, 


QUESTION 71 

Refer to the exhibit, while reviewing a log file on a router with this NTP configuration, you note 
that the log entries of the router display a different time than the NTP time. 
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clock timezone ES7 -5 
clock summer-tine H'JZ recurring 
service tiroestamrs debug datetime 
service timestamps ioq datetime 
logging buffered 5000 debugging 
ntp clock-period 17179272 
ntp server 10.181.23.23 


Which action can you take to correct the problem? 

A. add the local time keyword to the service timestamps log datetime statement. 

B. add the msec keyword to the service time stamps log datetime statement 

C. add the statement ntp broadcast to the ntp configuration of the neighboring router 

D. configure the router to be the NTP master 

E. Remove the datetime keyword from the service time stamps log datetime statement. 

Answer: A 


QUESTION 72 

What command can you enter to enable client auto configuration over an ISATAP tunnel? 

A. tunnel mode ipv6ip isatap 

B. no ipv6 nd ra suppress 

C. ipv6 nd ra suppress 

D. tunnel mode ipv6ip 6rd 

Answer: B 


QUESTION 73 

Refer to the exhibit. After you apply the given configurations to R1 and R2, which networks does 
R2 advertise to R1 ? 
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R1 

interface raatEthecnetO/O 
ip address 192.168.12.1 

2SS.2SS.2SS.0 

router rip 
version 2 

network 192.168.12.0 


R2 

Interface Fas tE the rne t.O/0 
ip address 192.168.12.2 
lp aummary-address rip 

2SS.2SS.2SS.0 

172.16.32.0 255.2SS. 2«0. O 

interface FastlthernetO/l 
ip address 172.16.33.2 

255.255.255. O 

router rip 

version 2 

network 172.16.0.0 

network 192 . 168 . 12.0 

- L> - 1 


A. both 172.16.32.0/20 and 172.16.33.0/24 

B. 172.16.32.0/20 only 

C. 172.16.0.0/16 only 

D. 172.16.33.0/24 only 

Answer: C 


QUESTION 74 

Which command can you enter on a device so that unsolicited log messages appear on the 
console after solicited log messages? 

A. logging bufferd 4096 

B. no logging console 

C. ogging synchronous 

D. service timestamps log uptime 

Answer: C 


QUESTION 75 

Refer to the exhibit. What are two effects of the given configuration? (Choose two) 
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interface LoopbackO 

ip address 172.1.1.1 255.255.255.255 
ip pirn dense-mode 
interface FastEthernetO/O 

ip address 192.168.12.1 255.255.255.0 
ip pim dense-mode 
interface FastEthernetO/1 

ip address 192.168.14.1 255.255.255.0 
ip Dim dense-mode 

ip pim bidir-enableip pim send-rp-announce LoopbackO scope 5 group-list 1 bidir 
ip pim send-rp-discovery scope 5 

access-list 1 deny 224.1.1.1 

access-list 1 permit 239.0.0.0 0.255.255.255 


A. Source for the 224.1.1.1 multicast stream will register with 172.1.1.1. 

B. It configures 172.1.1.1 as a spare-mode rendezvous point. 

C. Multicast stream 224.1.1.1 will operate in spare mode. 

D. It configures 172.1.1.1 as the Bidir-PIM rendezvous point. 

E. Multicast stream 224.1.1.1 will operate in dense mode. 

F. Sources for the 239.1.1.1 multicast stream will register with 172.1.1.1. 

Answer: DF 


QUESTION 76 

Refer to the exhibit. R1 is unable to ping the device at 10.3.3.3. Which two options are possible 
reasons for the problem? (Choose two.) 


10.3.3.3 



5, 100-byte ICMP Echos to 10.3.3.3, 
is 0 percent (0/5) 


tiaeout is 2 seconds: 


Rltsh run I sec ip route 

ip route 10.3.3.3 2SS.2SS.2SS.2SS EastEthernet0/0 


Allah arp 
Protocol Addreaa 
■Kiiial 10.3.3.3 


192.166.12.1 

192.166.12.2 


Age (min) Hardware Addr Type Interface 

o Incomplete Ain 

C001.2314.0000 ARPA FaatEtheraetO/O 

4 c002.24f0.0000 ARPA FaatEthernet0/0 


Rl#debug arp 

ARP packet debugging 1 a on 

•Mar 1 00:07:52.851: IP ARP: sent req arc 192.166.12.1 cOOl.2314.0000, 
dat 10.3.3.3 0000.0000.0000 FaatEthernetO/O. 

•Mar 1 00:07:54.651: IP ARP: aent req arc 192.168.12.1 cOOl.2314.0000, 
dat 10.3.3.3 0000.0000.0000 FaatEthemetO/O. 

•Mar 1 00:07:56.651: IP ARP: aent req arc 192.166.12.1 cOOl.2314.0000, 
dat 10.3.3.3 0000.0000.0000 FaatEthernet0/0. 
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A. The static route is configured as a host route. 

B. The static route points to a broadcast interface without a next-hop. 

C. IP CEF is disabled on the local router. 

D. Proxy ARP is disabled on the next-hop router. 

E. The dynamic routing protocol configuration is missing. 

F. IP CEF is disabled on the remote router. 

Answer: BD 


QUESTION 77 

Which circumstance can cause interface overruns? 

A. microbursts 

B. asymmetric routing 

C. out-of-order packets 

D. fragmentation 

Answer: A 


QUESTION 78 

Which two options are benefits of Metro Ethernet?(Choose two.) 

A. It supports CHAP authentication. 

B. It inclodes a comprehensive framing mechanism. 

C. It integrates seamlessly throughout the enterprise. 

D. It can negate link parameters such as frame speed. 

E. It provides lower cost per-port than other WAN technologies. 

Answer: CE 


QUESTION 79 

Which statement about Control Plane Policing is true? 

A. It queues egress packets that would otherwise be discarde 

B. It applies to packets that are generated locally. 

C. It queues ingress packets that would otherwise be discarde 

D. It applies to packets that are punted to the route processor. 

Answer: D 
Explanation: 

CoPP applies to all packets that punt to the route processor for handling. 
http://www.cisco.eom/c/en/us/about/security-center/copp-best-practices.html 


QUESTION 80 

Which statement about Type-4 LSA in 0SPFv2 is true? 

A. It is present only in the backbone area. 

B. It is generated by each ABR and forwarded in non-stub areas. 
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C. It is forwarded in NSSA areas. 

D. It is generated by the ASBR and forwarded throughout the whole OSPF domain. 

Answer: B 


QUESTION 81 

Which option describes a difference between Ansible and Puppet? 

A. Ansible is client-server based, and Puppet is not. 

B. Ansible requires an agent, and Puppet does not. 

C. Ansible is Python based, and Puppet is Ruby based. 

D. Ansible autonates repetitive tasks, and Puppet allows you to run plain ssh command. 

Answer: C 

QUESTION 82 

Which two improvements do SIA-Query and SIA-Reply messages add to EIGRP? (Choose two.) 

A. Stuck-in-active conditions are solved faster. 

B. They prevent a route from going into the stuck-in-active state. 

C. They help in the localization of the real failure in the network. 

D. The EIGRP adjacency between two neighbors never goes down. 

Answer: AC 


QUESTION 83 

Which two statements are true about an EPL? (Choose two.) 

A. It is a point-to-point Ethernet connection between a pair of NNIs. 

B. It allows for service multiplexing. 

C. It has a high degree of transparency. 

D. The EPL service is also referred to as E-line. 

Answer: CD 


QUESTION 84 

Which statement about NAT64 is true? 

A. It uses one-to-one mapping between IPv6 addresses and IPv4 addresses. 

B. It requires static address mapping between IPv6 addresses and IPv4 addresses. 

C. It can be used to translate an IPv6 network to another IPv6 network. 

D. It can be configured for stateless and stateful translation. 

Answer: D 


QUESTION 85 

Which three elements compose a network entity title? (Choose three.) 
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A. 

area ID 

B. 

domain ID 

C. 

system ID 

D. 

NSAP selector 

E. 

MAC address 

F. 

IP address 


Answer: ACD 


QUESTION 86 

What technology allows a PE router to exchange VPNv4 routes with other PE routers? 

A. MPLS L3VPN 

B. MPLS L2VPN 

C. VPLS 

D. Frame Relay to ATM AAL5 Interworking 

Answer: A 


QUESTION 87 

Refer to the exhibit. If R1 contacts the RADIUS server but is unable to find the user name in the 
server database, how will R1 respond? 


R1 

aaa authentication login default group radius group tacacs+ local 


A. It will attempt to contact the TACACS+ server 

B. It will prompt the user to enter a new username 

C. It will attempt to authenticate the user against the local database 

D. It will deny the user access 

Answer: D 


QUESTION 88 

Which two statements about SNMP are true?(Choose two.) 

A. SNMPv3 uses the SHA encryption algonthm to provide authorization. 

B. SNMPv2c can provide authentication as well as encryption. 

C. SNMPv3 uses the 3DES encryption algonthm to provide data privacy. 

D. The SNMP agent is responsible for collecting data from the MIB. 

E. The SNMP manager is responsible for collecting data from the MIB. 

F. SNMPv2c supports only 32-bit counters. 

Answer: CE 


QUESTION 89 

Refer to the exhibit. Which EEM script can you apply to the device so that logged-in users are 
recorded in syslog messages? 
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*Jan 1 23:33:49: %LINK-5-CHANGE: Interface Ethernet 1/0,changed state 
to administratively down 


event manager applet INTF-SHUTDOWN 

event syslog pattern "Interface Ethernetl/0. ^administratively down.*" 

action 1.0 cli command "enable" 

action 2.0 cli command "config t" 

action 3.0 cli command "interface Ethernetl/0” 

action 4.0 cli command "no shutdown" 

action 5.0 cli command "end" 

action 6. 0 cli command "who" 

action 7.0 syslog msg "$clijresult" 

event manager applet INTF-SHUTDOWN 

event syslog pattern “Interface Ethernetl/0 administratively down.*" 

action 1.0 cli command "enable" 

action 2.0 cli command "config t" 

action 3.0 cli command "interface Ethernetl/0" 

action 4. 0 cli command "no shutdown" 

action 5.0 cli command "end" 

action 6.0 cli command "who" 

action 7.0 syslog msg "cli result" 

event manager applet INTF-SHUTDOWN 

event syslog pattern ” . *Interface Ethernetl/0. *administratively down.*" 

action 1.0 cli command "enable" 

action 2.0 cli command "config t" 

action 3.0 cli command "interface Ethernetl/0" 

action 4.0 cli command "no shutdown" 

action 5.0 cli command "end" 

action 6.0 cli command "who" 

action 7.0 syslog msg "$cli result" 

event manager applet INTF-SHUTDOWN 

event syslog pattern ” . *Interface Ethernetl/0. *administratively down. *" 

action 1.0 cli command "enable" 

action 2.0 cli command "config t” 

action 3.0 cli command "interface Ethernetl/0" 

action 4.0 cli command "no shutdown" 

action 5.0 cli command "end" 

action 6.0 cli command "who" 

action 7.0 syslog msg "_cli_result" 


Answer: C 


QUESTION 90 
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Which two protocols are used by the management plane?(Choose two.) 


A. 

OSPF 

B. 

ISSU 

C. 

FTP 

D. 

BGP 

E. 

Telnet 

F. 

DTP 


Answer: CE 


QUESTION 91 

What are three of the key fields that define a unique NetFlow flow?(Choose two.) 

A. Canonical Format Identifier 

B. Cyclic Redundancy Check 

C. Type of service 

D. Source MAC address 

E. Input logical interface 

F. Layer 3 protocol type 

Answer: CEF 
Explanation: 

IP Packet attributes used by NetFlow: 

• IP source address 

• IP destination address 

• Source port 

• Destination port 

• Layer 3 protocol type 

• Class of Service 

• Router or switch interface 


QUESTION 92 

Refer to the exhibit. Which additional configuration statement is required on R3 in order to allow 
multicast traffic sourced from 192.168.13.3 to flow along the shared-tree? 
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R3#show ip route 

Gateway of last resort is not sec 

0 192.168.12.0/24 (110/20] via 192.168.23.2, 00:07:27, FastEthernet 

C 192.168.13.0/24 is directly connected, TunnelO 

0 192.168.14.0/24 (110/30) via 192.168.23.2, 00:07:27, FastEthernet 

10.0.0.0/32 is subnetted, 2 subnets 
C 10.3.3.3 is directly connected, LoopbackO 

0 10.4.4.4 (110/31] via 192.168.23.2, 00:07:27, FastEthernetO/0 

C 192.16e.23.0/24 is directly connected, FastEthemetO/0 

R39show ip mroute 

(*, 239.1.1.1), 00:01:31/stopped, RP 10.4.4.4, flags: SPF 
Incoming interface: FastEthernetO/O, RPF nbr 192.168.23.2 
Outgoing interface list: Null 

(10.3.3.3, 239.1.1.1), 00:00:40/00:02:55, flags: FT 

Incoming interface: LoopbackO, RPF nbr 0.0.0.0, Registering 
Outgoing interface list: 

FastEthernetO/O, Forward/Sparse, 00:00:39/00:02:50 


A. ip route 192.168.14.0 255.255.255.0 Tunnel 0 

B. ip route 10.4.4.4 255.255255.255 Tunnel 0 

C. ip mroute 10.4.4.4 255.255.255.255 Tunnel 0 

D. ip mroute 192.168.14.0 255.255.255.0 Tunnel 0 

Answer: C 


QUESTION 93 

You are implementing new addressing with EIGRP routing and must use secondary addresses, 
which are missing from the routing table. 

Which action is the most efficient solution to the problem? 

A. Disable split-horizon on the interfaces with secondary addresses. 

B. Disable split-horizon inside the EIGRP process on the router with the secondary interface 
addresses. 

C. Add additional router interfaces and move the secondary addresses to the new interfaces. 

D. Use a different routing protocol and redistribute the routes between EIGRP and the new protocol. 

Answer: A 


QUESTION 94 

Which two statements about the command distance bgp 90 60 120 are true? (Choose two.) 

A. Implementing the command is a Cisco best practice. 

B. The external distance it sets is preferred over the internal distance. 

C. The internal distance it sets is preferred over the external distance. 

D. The local distance it sets may conflict with the EIGRP administrative distance. 
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E. The internal distance it sets may conflict with the EIGRP administrative distance. 

F. The local distance it sets may conflict with the RIP administrative distance. 

Answer: CF 


QUESTION 95 

Refer to the exhibit. Which statement describes how a router with this configuration treats packets 
if the devices at 172.16.12.5 and 192.168.3.2 are unreachable? 


interface Ethernet 0/0 

ip policy route-map PBR 
route-map PBR 

match ip address 144 

set ip next-hop 172.16.12.5 

set ip next-hop recursive 192.168.3.2 


A. It routes the packet based on the packet's destination using the route table 

B. It routers the packet into a loop and drops it when the TTL reaches zero. 

C. It drop the packet immediately. 

D. It sends an ICMP source quench message. 

Answer: A 


QUESTION 96 

What is the default behavior for a manual summary route when a component route of the 

summary disappears? 

A. Regardless of the metric if the componnent route, the metric of the summary is unchanged in 
order to keep stability. 

B. If the component route previously had the best composite metric, the same summary metric is 
retained for stability. 

C. If the component route previously had the best composite metric, the metric of the summary 
changes to the next-best composite metric. 

D. if the component route previously did not have the best composite metric, the summary metric 
updated, and updates are sent to peers. 

Answer: C 


QUESTION 97 

Which feature can you implement to reduce global synchronization? 

A. WRED 

B. marking 

C. policing 

D. NBAR 
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Answer: A 


QUESTION 98 

What are the two variants of NTPv4? (Choose two.) 

A. client/server 

B. broadcast 

C. multicast 

D. asymmetric 

E. unicast 

Answer: AB 


QUESTION 99 

Refer to the exhibit. If router R1 sends traffic marked with IP precedence 3 to R2's Loopback 0 
address, which class would the traffic match on R2's Gil/0 interface? 


LoO 172.16.193 1/32 


0 ) 1/0 

10.1.2 1/24 


R2 

class-aap aacch-any CH-CLASS1 
aacch ip dscp af31 
class-aap aacch-any CK-CLASS3 
aacch ip dscp af33 
class-aap aatch-any CH-CLASS2 
aacch ip dscp at32 

policy-aap PH-IHGFZSS 
class CH-CLASS1 
class CH-CLASS2 
class CH-CLASS3 

interface GigabitEchernetl/O 

service-policy input PH-INGP£SS 




A. CM-CLASS-3 

B. class-default 
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C. CM-CLASS-2 

D. CM-CLASS-1 

Answer: B 


QUESTION 100 

Which cache aggregation scheme is supported by NetFlow ToS-based router aggregation? 

A. prefix-port 

B. AS 

C. protocol port 

D. destination prefix 

Answer: A 


QUESTION 101 

Which IPv4 feature prevents multicast joins on a per-port basis? 

A. MLD filtering 

B. IGMP filtering 

C. IGMP snooping 

D. PIM snooping 

Answer: B 


QUESTION 102 

Refer to the exhibit. What is the PHB class on this flow? 


RIO 1#show ip 
(...] 

Srclf 

cache verbose 

flow 




SrcIPaddress 

Dstlf 


DstIPaddress 

Pr TOS Figs Pkts 

Port Msk AS 


Port Msk 

AS 

NextHop 

B/Pk Active 

EtO/O 

10.0.0.1 

Etl/0* 


14.0.0.2 

01 80 10 1 

0000 /0 0 


0800 /0 

0 

0.0.0.0 

100 0.0 


A. none 

B. CS4 

C. EF 

D. AF21 

Answer: B 


QUESTION 103 

Refer to the exhibit. Which statement describes what the authoritative flag indicates? 
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Rllshov ip nhcp detail 

10.10.10.2/32 via 10.10.10.2, TimnelO cceated 00:16:59, expire 00:00:30 
Type: dyna&ic, Flags: authoritative unique registered used 
JIB HA address: 192.168.2.2 

10.10.10.3/32 via 10.10.10.3, TimnelO created 00:11:34, expire 00:00:5S 
Type: dynaaic. Flags: authoritative unique registered used 
iJBMA address: 192.168.3.3 


A. The registration request had the same flag set. 

B. Authentication was used for the mapping. 

C. R1 learned about the NHRP mapping from a registration request. 

D. Duplicate mapping in the NHRP cache is prevented. 

Answer: C 


QUESTION 104 

Which statement is true when using a VLAN ID from the extended ULAN range (1006- 4094)? 

A. STP is disabled by default on extended-range VLANs. 

B. VLANs in the extended VLAN range can only be used as private VLANs. 

C. VLANs in the extended VLAN range cannot be pruned. 

D. VLANs in the extended VLAN range can be used with VTPV2 in either client or server 

mode. 

Answer: C 


QUESTION 105 

Which trunking configuration between two Cisco switches can cause a security risk? 

A. configuring incorrect channel-groups on the switches 

B. configuring different trunk modes on the switches 

C. disabling DTP on the trunk ports 

D. configuring different native VLANs on the switches 

E. configuring mismatched VLANs on the trunk 

Answer: D 


QUESTION 106 

Refer to the exhibit. With BGP always-compare-med enabled, which BGP entry is installed in the 
RIB? 


entry1: AS(PATH) 

400, 

med 

150, 

external. 

rid 

r) ry ry 

entry2: AS(PATH) 

100, 

med 

200, 

external, 

rid 

X.1.1.1 

entry3: AS(PATH) 

400, 

med 

100, 

internal. 

rid 

3.3.3.3 


A. Entry 1 because it was installed first (oldest) in the BGP table. 
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B. Entry 1 because it has the best MED of the external routes. 

C. Entry 2 because it has the lowest router ID. 

D. Entry 3 because it has the lowest MED. 

Answer: D 


QUESTION 107 

Refer to the exhibit. What type of IS-IS is configured on R1 ? 


R1 

interface Loopback!) 

ip address 172 . 16 . 1.1 255 . 255 . 
ip router xsis 
ipv6 address 2001 : DBA :ll±±z:l/ LZS 
ipv€ router isis 


interface FastEthernecO/O 

ip address 192.168.10.1 255.255.255.O 
ip router isis 

ipv£ address 2001:DBA:10::1/4S 
ipv6 router xsis 

router isis 

net Ol. OOOl.OOOO. 0000 . OOOl.OO 


A. VRF-aware IS-IS 

B. IS-IS version 2 

C. single-topology IS-IS 

D. mufti-process IS-IS 

Answer: C 


QUESTION 108 

Which statement about Cisco StackWise technology is true? 

A. All switches in a stack share configuration and routing information to behave as a single unit 

B. Removing switches can affect stack performance 

C. Only the master switch acts as a forwarding processor 

D. Every switch in a stack has its own independent and uncoordinated configuration file, which 
enables it to become the stack master if the previous master fails 

Answer: A 
Explanation: 

Configuration and routing information is shared by every switch in the stack, creating a single 
switching unit. 

http://www.dsco.com/c/en/us/products/collateral/switches/catalyst-3750-series- 
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switches/prod_white_paper09186a00801 b096a.html 


QUESTION 109 

Refer to the exhibit. Which two statements are true regarding prefix 10.1.0.0/24? (Choose two.) 


MC#sh pfr master traffic-class 
OER Prefix Statistics: 

Pas - Passive, Act - Active, S - Short term, L - Long term, Dly - Delay (ms), 

P - Percentage below threshold. Jit - Jitter (ms), 

MOS - Mean Opinion Score 

Los - Packet Loss (packets-per-million), Un - Unreachable (flows-per-million), 
E - Egress, I - Ingress, Bw - Bandwidth (kbps), N - Not applioable 
U - unknown, * - uncontrolled, + - control more specific, @ - active probe all 
# - Prefix monitor mode is Special, & - Blackholed Prefix 
% - Force Next-Hop, A - Prefix is denied 


DstPrefix 

Flags 

PasLDly 

ActSDly 

Appl_ID 

PasLDly 

ActLDly 

Dscp Prot SrcPort 

State Time 

PasSUn PasLUn PasSLos 
ActSUn ActLUn ActSJit 

DstPort 

Curr3R 

PasLLos 

Act PMOS 

SrcPrefix 
CurrI/F 
EBw 

ActSLos 

Protocol 

IBw 

ActLLos 

10.1.0.0/24 

N 

N 

N 

N 

N 

N 



INPOLICY* 

@83 


10.4.5.4 

Et0/1 

U 

52 

52 

0 

0 

0 

0 

67 

7 

51 

51 

0 

0 

N 

N 

N 

N 


A. The prefix is in policy, and Cisco PfR rerouted the traffic via 10.4.5.3 Et0/1 because of an OOP 
event. 

B. Cisco PfR is monitoring the prefix via passive NetFlow mode only. 

C. Cisco PfR is monitoring the prefix via active, fast, or active throughput IP SLA probe mode only. 

D. The prefix is in policy, and Cisco PfR did not reroute the traffic via 10.4.5.3 Et0/1 because the 
traffic was previously in policy. 

E. Cisco PfR is monitoring the prefix via mode monitor, which provides both NetFlow and IP SLA 
measurements. 

Answer: DE 


QUESTION 110 

Which feature can mitigate hung management sessions? 

A. Control Plane Policing 

B. the service tcp-keepalives-in and service tcp-keepalives-out command 

C. the service tcp-small servers command 

D. vty line ACLs 

Answer: B 


QUESTION 111 

What are two requirements for BFD static route support? (Choose two) 

A. CEF must be configured on all routers that will carry traffic. 

B. BFD must be configured on all Ethernet, virtual-template, and dialer interfaces that will carry 
traffic. 
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C. All routers that will carry traffic must have the same software version. 

D. All routers that will carry traffic must be the same model. 

E. Parameters must be configured on all routers that will carry traffic. 

F. Parameters must be configured on all interfaces that will carry traffic. 

Answer: AF 


QUESTION 112 

Refer to the exhibit. Which two actions can you take to allow the network 172.29.224.0/24 to be 
reachable from peer 192.168.250.53? (Choose two) 


R1 


ip community-list 10 permit 64512:100 64512:200 645212:41650 64513:1220 

route-map INTERNET-OUT permit 10 
match community 10 

router bgp 64512 

no synchronization 

neighbor INTERNET peer—group 

neighbor INTERNET remote—as 64513 

neighbor INTERNET password clsCO 

neighbor 192.168.250.53 peer—group INTERNET 

address—family ipv4 

no synchronization 

neighbor INTERNET send—community both 
neighbor INTERNET route-map INTERNET—OUT out 

Rl#show bgp 172.29.224.0 

BGP routing table entry for 172.29.224.0/24, version 607252621 

Paths: (1 available, best #1, table default) 

Multipath: eBGP 1BGP 

Advertised to update—groups: 

3 4 7 

53739 

10.10.153.12 from 10.10.153.120 (10.10.153.12) 

Origin IGP, metric 0, localpref 130, valid, external, best 

Community: 64512:555 64513:200 64513:53090 64512:64002 64513:64090 


A. Modify the community list to match communities 64513:69040 attached to 172.29.224.0/24. 

B. Configure soft reconfiguration to peering 192.168.250.53. 

C. Modify the outbound route map to permit all additional routes. 

D. Configure additional address families to peering 192.168.250.53. 

E. Modify the inbound route map to permit all additional routes 

F. Modify the community list to match community 64513:64090 attached to 172.29.224.0/24. 

Answer: CF 


QUESTION 113 

Which two options are potential impacts of microbursts? (Choose two.) 
A. unnecessary broadcast traffic 
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B. asmmetric routing 

C. tail drops 

D. invaild checksum errors 

E. packet loss 

F. inicast flooding 

Answer: CE 


QUESTION 114 

Refer to the exhibit. Which two conclusions can you draw from this command and its output? 
(Choose two.) 



A. RIO has a missing label binding for 192.168.40.171/32 

B. The MPLS ping failed. 

C. 192.168.40.171/32 exists in the global routing table. 

D. A valid LSP exists, and it matches the corresponding MPLS FEC. 

E. The MPLS ping was successful. 

F. RIO has valid label bingding for 192.168.40.171/32 

Answer: AB 


QUESTION 115 

Which DHCP message type does the DHCP server send to a client to confirm its allocated IP 
address? 

A. DHCPACK 

B. DHCPOFFER 

C. DHCPDISCOVER 

D. DHCPREQUEST 

Answer: A 


QUESTION 116 

Which statement about a Cisco APIC controller versus a more traditional SDN controler is true? 

A. APIC uses a policy agent to translate policies into instructions. 

B. APIC supports OpFlex as a Northbound protocol. 

C. APIC does support a Southbound REST API 
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D. APIC uses an imperative model 

Answer: A 


QUESTION 117 

Which attribute is not part of the BGP extended community when a PE creates a VPN-IPv4 route 
while running OSPF between PE-CE? 

A. OSPF domain identifier 

B. OSPF route type 

C. OSPF router ID 

D. MED 

E. OSPF network type 

Answer: E 


QUESTION 118 

Refer to the exhibit. R1 and R2 have been configured as BGP neighbor, but their session is stuck 
in active. 

Which action can you take that will enable a session to be established? 


Rllihow ip bqp summary 

HC.l* router identifier 10.1.1.1, looal AS number 65510 
BGF table version l» 1, main routing table version 1 


Neighbor 

10.1.17.2 


V 

4 


AS MsqRcvd HsgSent 
65510 11 n 


TblVer InQ Out Q Op/ Down State/PCxRcd 

0 0 0 00:00:00 Active 


Rilahow lp route I in 10.1.12.0 

10.1.12.0/24 la directly connected, TastEthemetO/O 

RV# show run I section router bgp 
router bgp 65530 

no synchronization 
bgp router-id 10.1.1.1 
bgp log-nelghbor-changes 
neighbor 10.1.12.2 remote-as 65530 
neighbor 10.1.12.2 update-source LoopbackO 
no auto-summary 


R2lshov ip bgp susjuiry 

BGP router Identifier 10.2.2.2, local AS number 6S53C 
BGP table version 1 a 1. main routing tab£> version 1 


Nelghbo r 
10 . 1 . 12.1 


AS 

6553 0 


HngRcvd 

11 


HsgSent. 

64 


TblVer 

0 


log 

o 


OutQ 


Up/Davn 
00:41x39 


State/ PfaKcrl 
Active 


A. Enable synchronization on R1 and R2. 

B. Issue the neighbor 10.1.12.2 active conmand on R1. 

C. Configure 10.1.12.1 as the BGP router ID on R1 

D. Configure a neighbor relationship with LoopbackO address of R1 on R2. 

Answer: D 


QUESTION 119 

Refer to the exhibit. Which two statements about the device configuration are true? (Choose two.) 
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Router# show management-interface 
Management interface GigabitEthernet 0/1 
Protocol Packets processed 

Ssh 983 

Snrnp 1275 

A. The device has control-plane protection enabled. 

B. The device implicitly allows Telnet connections. 

C. The GigabitEthernetO/1 interface of the device allows incoming SSH and SNMP connections. 

D. The device has management-plane protection enabled. 

E. The device allows SSH connections to its loopback interface. 

Answer: CD 


QUESTION 120 

How is a targeted LDP session different from a standard LDP session? 

A. Targeted LDP is used only for neighbors on different segments. 

B. Targeted LDP requires SDP to be enabled. 

C. Targeted LDP requires RSVP to be enabled. 

D. Targeted LDP uses unicast hello messages to peer with other devices. 

Answer: D 


QUESTION 121 

Refer to the exhibit. If the default-information originate always command is configured on R4, 
what route type is assigned to the default route in Rl's route table? 



A. O 

B. E2 

C. OIA 

D. El 

Answer: C 


QUESTION 122 

Refer to the exhibit. The spokes of the DMVPN with the given configuration are having QoS 
issues. 

Which two actions can you take to resolve the problem? (Choose two.) 
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crypto isakmp policy 1 

authentication pre-share 
crypto isakmp key dmvpn address 0.0.0.0 0.0.0.0 

crypto ipsec transform-set vpntrans ah-sha-haac esp-aes 25c esp-sha-hmac 
crypto ipsec profile DHYPN-PP.0F 
set transform-set vpntrans 

policy-aap SHAPE 

class class-default 
shape average 200000 

interface LoopbackO 

ip address 10.1.1.1 255.255.255.0 

interface TunnelO 

ip address 192.168.1.1 255.255.255.0 

no ip next-hop-self eigrp 1 

ip nhrp authentication dmvpn 

ip nhrp map multicast dynamic 

ip nhrp network-id 55 

ip tcp adjust-mss 1360 

no ip split-horizon eigrp 1 

tunnel source Seriall/0 

tunnel mode gre multipoint 

tunnel protection ipsec profile DMVPN-PR0F 

interface Seriall/0 

ip address 172.16.1.1 255.255.255.248 
encapsulation frame-relay 
frame-relay inverse-arp 

router eigrp 1 

network 10.0.0.0 
network 152.168.1.0 


A. Configure qos pre-classify on the tunnel interface. 

B. Configure an NHRP group on the tunnel interface and associate it to a QoS policy. 

C. Modify the configuration of the IPsec policy to accept QoS policies. 

D. Manually configure a QoS policy on the serial interface. 

E. Configure the bandwidth statement on the tunnel interface. 

F. Configure the bandwidth statement on the serial interface. 

Answer: AB 


QUESTION 123 

Which command can you enter to prevent a router from displaying Telnet connection messages 
on the terminal? 

A. service telnet-zeroldle 

B. ip telnet hidden hostname 

C. ip telnet hidden address 

D. no ip domain-lookup 
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E. ip telnet quiet 

Answer: E 


QUESTION 124 

Which description of Infrastructure as a Service is true? 

A. a cloud service that delivers on-demand Internet connection between sites 

B. a cloud service that delivers on-demand intranet connection between sites 

C. a cloud service that delivers on-demand software services on a subscription basis 

D. a cloud service that delivers on-demand resources like networking and storage 

Answer: D 


QUESTION 125 

Which two statements about VSS are true? (Choose two.) 

A. It requires physical switches to be collocated. 

B. It is dependent on spanning-tree. 

C. It requires three IP addresses per ULAN. 

D. Each VSS has a single management IP address 

E. It can eliminate the need for HSRP. 

Answer: DE 


QUESTION 126 

For which reason can two OSPF neighbor routers on the same LAN segment be stuck in the two- 
way state? 

A. The two routers have different MTUs on the interface. 

B. The two routers are configured with different priorities. 

C. The interface priority is set to zero on both routers. 

D. Both routers have the same OSPF router ID. 

Answer: C 


QUESTION 127 

Which option is an example of SaaS? 

A. Google Apps 

B. Amazon AWS 

C. Google App Engine 

D. Microsoft Azure 

Answer: A 


QUESTION 128 

How does an IPv6 host automatically generate a global address? 
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A. It prepends its interface identifier to the network prefixes contained in Router Advertisement 
messages. 

B. It appends its interface identifier to the network prefixes contained in Router Advertisement 
messages. 

C. It appends its interface identifier to the network prefixes contained in Router Solicitation 
messages. 

D. It prepends its interface identifier to the network prefixes contained in Router Solicitation 
messages. 

Answer: B 


QUESTION 129 

Which statement about the feasible distance in EIGRP is true? 

A. It is the maximum metric that should feasibly be considered for installation in the RIB. 

B. It is the smallest metric toward the destination encountered ...time the destination went from 
Active tp Passive state. 

C. It is the metric that is supplied by the best next hop toward the destination. 

D. It is the maximum metric possible based on the maximum hop count that is allowed. 

Answer: B 
Explanation: 

FD is a record of the lowest known distance since the last transition from the Active to Passive 
state. 


QUESTION 130 

Refer to the exhibit. What tag will be applied to the 172.16.130.0/24 route? 


ip prefix-list cciel seq 5 permit 172-16.0.0/17 le /■4 

ip prefix-list ccieZ seq 5 permit 172.16.1^.8.0/1/ le 24 

ip prefix-list ccie3 seq 5 permit 172.17.128.0/17 le 24 

route-nap ccie permit 10 

natch ip address prefix-list cciel 
set taq 10 

route nap ccie permit 20 

match ip address prefix-list ccie2 
set taq 20 

route-nap ccie permit 30 

natch ip address prefix-list cciei 
set tag 30 

route-nap ccie permit 40 
sec tag 40 


A. 10 

B. 20 

C. 30 

D. 40 
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Answer: B 


QUESTION 131 

What is wrong with the configuration of this tunnel interface? 


interface tunnel 1 


tunnel source ethernet 

0 

tunnel mode ipv6ip isatap 

ipv6 address 2001:DBS:: 

:/64 eui-64 


A. ISATAP tunnels cannot use the EUI-64 address format. 

B. No tunnel destination has been specified. 

C. The tunnel source of an ISATAP tunnel must always point to a loopback interface. 

D. Router advertisements are disabled on this tunnel interface. 

Answer: D 


QUESTION 132 

Which option describes how a network administrator prevents possible routing for VLSM subnets 

that are missing from the routing table? 

A. Create a route for the subnet to the null interface, and then redistribute the static route into the 
routing process. 

B. Create a loopback interface with the correct subnet, and then redistribute the connected interface 
to the routing table. 

C. Create a loopback interface with the correct subnet, and the routing protocol automatically injects 
it into its routing process. 

D. Create a route for the subnet to the null interface, and the routing protocol automatically injects it 
into its routing process. 

Answer: A 


QUESTION 133 

What are two potential drawbacks of VPLS?(Choose two.) 

A. VPLS devices drop all VLAN-tagged packets. 

B. VPLS increases the risk of routing loops. 

C. VPLS is poorly suited for large, flat network implementations. 

D. When more devices are added to the VPLS, packet replication is significantly increased. 

E. VPLS requires manual configuration for loop prevention. 

Answer: CD 


QUESTION 134 

What command can you enter on a Cisco router so that it can both poll a time server and be 
polled by a time server? 

A. ntp server 
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B. ntp broadcast client 

C. ntp broadcast destination 

D. ntp peer 

Answer: D 


QUESTION 135 

Which two options are examples of Northbound and/or Southbound protocol?(Choose two) 

A. OpenStack 

B. ISIS 

C. NETCONF 

D. JSON 

E. BGP-LS 

Answer: CE 


QUESTION 136 

What are two differences between IPv6 ISATAP tunneling and IPv6 6to4 tunneling? (Choose two) 

A. Only ISATAP tunneling transfers unicast IPv6 packets between sites. 

B. Only 6to4 tunneling requires 2002:: /16 addresses. 

C. Only ISATAP tunneling can transfer IPv6 multicast packets. 

D. Only ISATAP tunneling transfers unicast IPv6 packets within a site. 

E. Only 6to4 tunneling transfers unicast IPv6 packets within a site. 

Answer: BD 


QUESTION 137 

A host on an Ethernet segment has a different subnet mask than the default gateway. What can 
be done to allow it to communicate with devices outside of this subnet? 

A. Configure a static route for the host on the default gateway. 

B. Configure a static ARP entry on the default gateway for the host IP address. 

C. Enable gratuitous ARP on the host. 

D. Enable proxy ARP on the default gateway. 

Answer: D 


QUESTION 138 

Drag and Drop Question 

Drag and drop the NETCONF layers on the left onto their appropriate description on the left. 
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transport 


defnes a set of base protocol operations 



messages 


provides a communication path between the c*ent 
and server 



operations 


provides a franrwg mechanism tor encodng RPCs 



content 


holds nformaton on data models and protocol 
operations 

Answer: 


transport 


operatxxis 



messages 


transport 



operations 


messages 



content 


content 


QUESTION 139 

Drag and Drop Question 

Drag and drop each description from the left into the matching description from the left into the 
matching protocol category on the right. 
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Answer: 




Mtt'N LCP to vnnfy Ink qu.nty 


QUESTION 140 

Drag and Drop Question 

Drag and drop each extended ping IP header option from the left onto the corresponding 
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description on the right. 


loose 


Displays output details 



record 


Displays the elapsed time over the round trip of 


the packet 



strict 


Displays the routers that the packet crossed along 


the path to the destination 



timestamp 


Sets the specific path the packet will travel to the 
destination 



verbose 


Specifies one or more routers through which the 


packet may travel to the destination 


Answer: 


loose 


verbose 



record 


timestamp 



strict 


record 



timestamp 


strict 



verbose 


loose 


QUESTION 141 

Drag and Drop Question 

Drag and drop each STP port role on the left to the matching statement on the right. 
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alternate port 


The port whose path cost deems it closest to the 
root bridge 


backup port 


The port that sends the best BPDUs on it’s 
segment 


designated port 


A blocked port that receives more useful BPDUs 
from a different bridge 


root port 


A blocked port that receives more useful BPDUs 
from it’s own bridge 

Answer: 

alternate port 


root port 


backup port 


designated port 


designated port 


alternate port 


root port 


backup port 

QUESTION 142 

Drag and Drop Question 



Bidirectional PIM 


All the receiver to request multicast traffic difectly 
from the source instead of through the RP 




MBGP 


Delivers multicast traffic using a pull model 
with both shared and shortest-path trees 




MSDP 


Delivers multicast traffic using a push model 




PIM-dense mode 


Supports many-to-many multicast flows 
within a single domain 




PIM-sparse mode 


Supports non-congruent unicast and 
multicast topologies 




SSM 


Use anycast RPs to share information about 
active source between domains 


Answer: 
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Bidirectional PJM 


SSM 



MBGP 


PIM-sparse mode 



MSDP 


PIM-dense mode 



PIM-dense mode 


Bidirectional PIM 



PIM-sparse mode 


MBGP 



SSM 


MSDP 


QUESTION 143 

Drag and Drop Question 


DIS 

ABR 


Level 1 

designated router 


Level 1-2 

Internal backbone 


Level 2 

Totally Stubby internal nonbackbone 


Answer: 


DIS 

Level 1-2 


Level 1 

DIS 


Level 1-2 

Level 2 


Level 2 

Level 1 
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QUESTION 144 

Drag and Drop Question 


Operates in normal,receive-only.and passive mode. 


Operates in tunnel mode and transport mode. 


Provides dynamic spoke-to-spoke traffic flow. 


Supports multicast traffic natively on private IP 
networks 


Supports operations between products from 
multiple vendors. 


Users a peer-to-peer encryption style for point-to- 
point GRE tunnels. 



Answer: 


Operates in normal,receive-only.and passive mode. 


DMVPN 


Operates in tunnel mode and transport mode. 


Provides dynamic spoke-to-spoke traffic flow. 


Supports multicast traffic natively on private IP 
networks 


Supports operations between products from 
multiple vendors. 


Users a peer-to-peer encryption style for point-to- 
point GRE tunnels. 


Provides dynamic spoke-to-spoke traffic flow. 


Supports multicast traffic natively on private IP 
networks 


GETVPN 


Operates in normal,receive-only.and passive mode. 


Supports operations between products from 
_ multiple vendors. _ 


IPsec 



Operates in tunnel mode and transport mode. 






Users a peer-to-peer encryption style for point-to- 
point GRE tunnels. 




QUESTION 145 

Drag and Drop Question 

Drag each statement about file-transfer protocols on the left to the matching file-transfer 
technology on the right. 
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more resilient on congested networks 


operates without user-level security 


supports a dear-text password only 


supports unidirectional file transfer only 


uses TCP 


uses UDP 



Answer: 


more resilient on congested networks 


operates without user-level security 


supports a dear-text password only 


supports unidirectional file transfer only 


uses TCP 


uses UDP 


FTP 


more resilient on congested networks 


supports a clear-text password only 


uses TCP 



TFTP 


operates without user-level security 


supports unidirectional file transfer only 


uses UDP 





QUESTION 146 

Drag and Drop Question 
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10.120.75.10/14 


10.112.0.0 



10.121.55.10/18 


10.120.0.0 



10.121.100.50/12 


10.121.0.0 



10.121.221.30/17 


10.121.128.0 



10.125.20.101/18 


10.125.0.0 



10.125.80.150/18 


10.125.64.0 


Answer: 


10.120.75.10/14 


10.121.100.50/12 



10.121.55.10/18 


10.120.75.10/14 



10.121.100.50/12 


10.121.55.10/18 



10.121.221.30/17 


10.121.221.30/17 



10.125.20.101/18 


10.125.20.101/18 



10.125.80.150/18 


10.125.80.150/18 


QUESTION 147 

Drag and Drop Question 
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command 


provides accounting information for events such as reboots and 


enabling accounting 



connection 


provides accounting information for EXEC shell commands at a 


specific privilege level 



EXEC 


provides accounting information for PPP sessions 



network 


provides accoutmg information for" start" and "stop" records 


when calls pass and fail user authentication 



resource 


provides accounting information for Telnet connections 



system 


provides accounting information for user shell commands 


Answer: 


command 


system 



connection 


command 



EXEC 


network 



network 


resource 



resource 


connection 



system 


EXEC 


QUESTION 148 

Drag and Drop Question 
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data pattern 


identifies non-conforming MTU devices along the path to the 
destination 



set DF bit in IP header 


identifies the smallest MTU allowed along the path to the 
destination 



sweep range of sizes 


troubleshoots framing errors and clocking problems 



type of service 


set the QoS 



validate reply data 


used to confirm the data received from the destination 


Answer: 


data pattern 


sweep range of sizes 



set DF bit in IP header 


set DF bit in IP header 



sweep range of sizes 


data pattern 



type of service 


type of service 



validate reply data 


validate reply data 


QUESTION 149 

Drag and Drop Question 

Drag each NTP command on the left to its effect on the right. 


ntp master 


Configures an external tme source. 

rv 


w 

ntp orphan 


Configures the device as an authoritative tme server. 



ntp peer 


Configures the device to smulate a UTC source when real-time 
tme sources are maccessfcte. 



ntp refckxk 


Configures the device to synchrony its time aganst a time 
server. 



ntp server 


Configures the device to synchronize its tme aganst another 
device. 


Answer: 
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QUESTION 150 

Drag and Drop Question 

Drag each statement about EIGRP neighbor peering on the left to the matching peering type on 
the right 


Forms a half*me$h topology through peers configured with the 


Multicast 

"urrcast-lsten" keyword. 




The defait EIGRP peering method. 


OTP point-to-porit 



Uses the “neighbor - statement on a non-passive interface with 
default options. 


OTP route-reflector 



Uses the "remote" keyword in the neighbor statement to form 
peer mgs. 


Unicast 


Answer: 


The default EiGftP peeing method. 


Uses the ’remote" keyword in the neighbor statement to form 
peeings. 


Forms a half-mesh tccotogy through peers configured with the 
_ ~ur»cast4sten~ keyword. ^ _ 


Uses the ’nerghbcr’ statement on a non-passive interface with 
default op tons. 


QUESTION 151 

Which interior gateway protocol is based on open standards, uses a shortest-path first algorithm, 
provides native protocols, and operates at the data link layer? 

A. IS-IS 
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B. EIGRP 

C. BGP 

D. OSPF 

Answer: A 


QUESTION 152 

Refer to the exhibit. All routers are running EIGRP and the network has converged. R3 and R4 
are configured as EIGRP Stub. If the link between R1 and R3 goes down, which statement is 
true? 



A. R1 sends traffic destined to 192.168.0.100 via R2. 

B. R2 does not have a route to 192.168.0.0/24 in the routing table. 

C. The prefix 192.168.0.0/24 becomes stuck-in-active on R4. 

D. R3 does not advertise 192.168.0.0/24 to R4 anymore. 

Answer: B 


QUESTION 153 

Refer to the exhibit. If the route to 10.1.1.1 is removed from the R2 routing table, which server 
becomes the master NTP server? 


R2#show run I include ntp 
ntp server 10.1.1.1 prefer 
ntp server 10.3.3.3 
ntp server 10.4.4.4 


A. R2 

B. the NTP server at 10.3.3.3 
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C. the NTP server at 10.4.4.4 

D. the NTP server with the lowest stratum number 

Answer: D 


QUESTION 154 

Which set of commands conditionally advertises 172.16.0.0/24 as long as 10.10.10.10/32 is in the 
routing table? 


A. 


B. 


neighbor x.x.x.x advertise-map ADV exist-map EXT 
route-map ADV 

match IP address prefix-list ADV 

j 

route-map EXT 

match IP address prefix-list EXT 
ip prefix-list EXT permit 172.16.0.0/24 

j 

ip prefix-list ADV permit 10.10.10.10/32 


neighbor x.x.x.x advertise-map ADV exist-map EXT 
route-map ADV 

match IP address prefix-list ADV 
route-map EXT 

match IP address prefix-list EXT 

j 

ip prefix-list ADV permit 172.16.0.0/24 
ip prefix-list EXT permit 10.10.10.10/32 


neighbor x.x.x.x advertise-map ADV 
noute-map ADV 

match IP address prefix-list ADV 
match IP address prefix-list EXT 

i 

ip prefix-list ADV permit 172.16.0.0/24 

j 

ip prefix-list EXT permit 10.10.10.10/32 
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neighbor x.x.x.x advertise-map ADV 
noute-map ADV 

match IP address prefix-list ADV 
match IP address prefix-list EXT 

i 

ip prefix-list ADV permit 172.16.0.0/24 

; 

ip prefix-list EXT permit 10.10.10.10/32 


Answer: B 


QUESTION 155 

Which component of the BGP ORF can you use to permit and deny routing updates? 

A. match 

B. action 

C. AFI 

D. SAFI 

E. ORF type 

Answer: A 


QUESTION 156 

Which statement about UDLD is true? 

A. The udld reset command resets ports that have been error-disabled by both UDLD and Fast 
UDLD. 

B. Fast UDLD is configured in aggressive mode. 

C. Only bidirectional link failures can be detected in normal mode. 

D. Each switch in a UDLD topology can send and receive packets to and from its neighbors. 

Answer: A 


QUESTION 157 

Which option is a core event publisher for EEM? 

A. Timer 

B. Policy Director 

C. Applet 

D. Script 

Answer: A 


QUESTION 158 

Which statement about SSHv2 is true? 

A. Routers acting as SSH clients can operate without RSA keys. 
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B. SSHv2 supports port forwarding and compression. 

C. The RSA key pair size must be at least 512. 

D. You must configure a default gateway before you enable SSHv2. 

Answer: A 


QUESTION 159 

Which statement about Cisco Discovery Protocol is true? 

A. The multicast address 0100.0cdd.dddd is used as the destination address for periodic advertisements. 

B. An inactive VLAN that is configured on an access port passes periodic Cisco Discovery Protocol 
advertisements. 

C. The multicast address 0100.0ccc.ccd is used as the destination address for periodic advertisements. 

D. A VLAN must be active on an access port before periodic Cisco Discovery Protocol advertisements 
are passed. 

Answer: D 


QUESTION 160 

Which three topologies are standardized by the Metro Ethernet Forum? (Choose three) 

A. E-LAN 

B. VPWS 

C. E-Tree 

D. E-Line 

E. NPE 

F. PNNI 

Answer: ACD 


QUESTION 161 

A floating static route appears in the routing table of an interface even when the interface is 
unusable. 

Which action can you take to correct the problem? 

A. Remove the permanent option from the static route. 

B. Correct the administrative distance. 

C. Configure the floating static route to point to another route in the routing table. 

D. Correct the DHCP-provided route on the DHCP server. 

Answer: A 


QUESTION 162 

Refer to the exhibit. Which statement is true? 
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RPlfshow ipv€ mroute 

Multicast Routing Table 

Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, 

C - Connected, L - Local, I - Received Source Specific Host Report, 
P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, 

J - Join SPT 
Timers: Uptime/Expires 
Interface state: Interface, State 

(*, FF7E:200:2A02:Bill:FC02:1:11FF:11EE), 00:00:35/never, RP 
2A02:Bill:FC02:1::1, flags: SCLJ 
Incoming interface: Null 
RPF nbr: :: 

Immediate Outgoing interface list: 

Ethernet2/0, Forward, 00:00:35/never 


A. The output shows an IPv6 multicast address with link-local scope. 

B. The output shows an IPv6 multicast address that is used for unique local sources only. 

C. The output shows an IPv6 multicast address that can be used for BIDIR-PIM only. 

D. The output shows an IPv6 multicast address with embedded RP. 

Answer: D 


QUESTION 163 

Which option describes how the IP address is assigned when you configure a Layer 3 
EtherChannel interface? 

A. You must assign the IP address to the tunnel interface. 

B. The last IP address added to the EtherChannel is used automatically. 

C. You must assign the IP address to a port channel logical interface. 

D. The first IP address added to the EtherChannel is used automatically. 

Answer: C 


QUESTION 164 

Refer to the exhibit. Which two route types are advertised by a router with this configuration? 
(Choose two.) 

router eigrp 1 
network 10.0.0.0 
eigrp stub 


A. connected 

B. external 

C. summary 
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D. static 

E. redistributed 

Answer: AC 


QUESTION 165 

Which two conditions are required for tracking the interface IP routing state? (Choose two) 

A. A VRF must be enabled on the interface. 

B. IP routing must be disabled on the interface. 

C. Cisco Express Forwarding must be disabled on the interface. 

D. The interface line protocol must be up. 

E. A known IP address must be configured on the interface. 

Answer: DE 


QUESTION 166 

According to the networking best practices, which network device should be used for optimization 
and rate limiting? 

A. the provider core device 

B. the provider edge device 

C. the customer core device 

D. the coustomer edge device 

Answer: D 


QUESTION 167 

Which feature must be enable to support IGMP snooping on a VLAN interface that operating 
without multicast routing? 

A. The IGMP snooping enquirer 

B. Auto-RP 

C. PIM snooping 

D. MLD 

Answer: A 


QUESTION 168 

Which command can you enter to disable logging for VTY lines? 

A. no logging monitor 

B. no logging count 

C. no logging buffer 

D. no logging console 

E. no logging trap 

Answer: A 
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Explanation: 

No logging console is for CTY. 
No logging monitor is for VTY. 


QUESTION 169 

Which feature monitors network events and takes automated action based on scripts configured 
by the administrator? 

A. NetFlow 

B. Performance Monitoring 

C. EPC 

D. EEM 

Answer: D 


QUESTION 170 

Which IPv4 feature prevents multicast joins on a per-port basis? 

A. MLD filtering 

B. IGMP snooping 

C. IGMP filtering 

D. PIM snooping 

Answer: C 
Explanation: 

IGMP filtering is used to prevent multicast joins. 

IGMP snooping is to prevent unnecessary multicast flooding. 


QUESTION 171 

Which two statements about PfR are true?(Choose two) 

A. It manages traffic classes 

B. It provides a narrower scope of route control than OER. 

C. It provides intelligent route control on a per-application basis. 

D. It supports split tunneling and spoke-to-spoke links. 

E. It always prefers the least cost path. 

Answer: AE 


QUESTION 172 

Which statement about EIGRP request packets is true? 

A. They determine whether a destination is reachable 

B. They are transmitted unreliably 

C. They are transmitted via broadcast 

D. They are sent in response to queries 

Answer: B 
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QUESTION 173 

Which routing protocol is not supported with VRF-lite? 

A. IS-IS 

B. OSPF 

C. EIGRP 

D. BGP 

Answer: A 


QUESTION 174 

How can you reduce latency on a VoIP network? 

A. Implement a congestion-avoidance algorithm 

B. Implement low latency queuing 

C. Configure an SLA to collect information on packet loss 

D. Set the IP SLA timeout to 1000 milliseconds. 

E. Implement fast retransmission. 

Answer: B 


QUESTION 175 

Which two statements about the host address 172.150.100.10/18 are true?(Choose two) 

A. The network address is 172.150.0.0 

B. The network address is 172.150.64.0 

C. The network address is 172.150.100.0 

D. The broadcast address is 172.150.127.255 

E. The broadcast address is 172.150.255.255 

F. The broadcast address is 172.150.100.255 

Answer: BD 


QUESTION 176 

Refer to the exhibit. What are two effects of the given configuration?(Choose two) 


Get Latest & Actual Amazon Exam's Question and Answers from Passleader. 


http://www.passleader.com 


68 














Pass Leader’ 

Leader of IT Certifications 


interface FastEthernetO/O 
ip address 192.168.12.1 255.255.255.224 

router eigrp 100 

passive-interface FastEthernetO/O 
network 192.168.12.0 
no auto-summary <@<3 


A. The router will fail to form neighbor adjacencies over all EIGRP interfaces except F0/0 

B. The router will fail to form neighbor adjacencies over interface F0/0 

C. The router will advertise the 192.168.12.0/27 network 

D. The router will manuallu summarize the 192.168.12.0/27 network 

E. Auto-summarization will be enabled on the F0/0 interface 

Answer: BC 


QUESTION 177 

Which two statements about IPv6 PIM are true?(Choose two) 

A. PIM-SM and PIM-SSM can be configured in the same network 

B. PIM-SM bases its RPF checks on the unicast routing table 

C. It supports both sparse mode and dense mode 

D. It supports both Auto-RP and BSR 

E. It works in conjunction with unicast routing protocols to send and receive multicast updates 

Answer: AB 


QUESTION 178 

Wht is the EUI 64-bit address corresponding to MAC address 0032F4C57781 ? 

A. FFFE0032F4C57781 

B. 0032F4FFFEC57781 

C. 0032F4C57781FFFE 

D. C57781FFFE0032F4 

Answer: B 


QUESTION 179 

Which two statements about SNMP inform requests are true? (Choose two) 
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A. For a particular event,an SNMP inform may be sent more than once. 

B. SNMP informs consume less bandwidth than SNMP trap 

C. SNMP informs are sent to the SNMP manager without acknowledgement. 

D. SNMP informs are sent to the SNMP agent without acknowledgement. 

E. For a particular evevt,an SNMP inform is sent only once 

F. SNMP informs are sent to the SNMP manager and acknowledgement. 

Answer: AF 


QUESTION 180 

If you configure a router interface for both IPv4 and IPv6 on an IS-IS network in single-topology 
mode,what additional configuration is required? 

A. IPv4 and IPv6 must be configured on different routing protocols. 

B. IPv4 and IPv6 must be configured to run the same IS-IS level. 

C. IPv4 and IPv6 must be configured with different metric types 

D. IPv4 and IPv6 addresses must be configured with the same prefix length. 

Answer: B 


QUESTION 181 

Which extended ping IP header option allows you to specify one or more hops over which the 
packets will travel without specifying the full path? 

A. verbose 

B. loose 

C. strict 

D. record 

Answer: B 
Explanation: 

http://www.cisco.eom/c/en/us/support/docs/ip/routing-information-protocol-rip/13730-ext-ping- 
trace.html 

Loose allows you to influence the path by specifying the address(es) of the hop(s) you want the 
packet to go through. 

Verbose is automatically selected along with any other option. 


QUESTION 182 

Refer to the exhibit. If R1 and R2 cannot establish an OSF neighbor relationship, which two 
actions can you take to resolve the problem? (Choose two) 
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(510/1 


nemue F2 passvcnd 0 cisco 
Interface LccpbackO 

ip address 10.10.10.10 255.255.255.255 

interface GigabitJCthemetO/1 
no ip address 

duplex full 

pppoe enable group global 
pppoe-client dial-pool-number 1 

interface Dialed 
mtu 1492 

ip address negotiated 
encapsulation ppp 
dialer pool 1 
ppp authentication pap 


255 area 0 



GiO/1 


usernaae R1 password 0 cisco 

bba-group pppoe pppoel 
virtual-teaplate 1 

interface LoopbackO 

ip address 172.16.1.1 255.255.255.255 

interface LoopbaeJtl 

ip address 192.168.1.2 255.255.255.0 

interface GigabitEthemetfl/1 
no ip address 
pppoe enable group pppoel 

interface Virtual-Tesplatel 
atu 1492 

ip unnumbered Loopbackl 

peer default ip address pool pocll 

ppp authentication pap 


ter ospf 


3.0.0 T\ 5. 


5. 255 area 0 
.3 192.168.1.5 


A. Configuration PPP authentication under the R2 Gigabitethernet 0/1 interface 

B. Change the ip local pool command on R2 to ip local pool pooll 192.168.1.2 192.168.1.5 

C. Configuration R1 to send the username and password on the Dialer 1 interface 

D. Change the PPP authentication to CHAP authentication 

E. Configure PPP encapsulation under the R1 virtual-template interface 

Answer: CE 


QUESTION 183 

Which two statemwnts about the host address 10.88.100.10/13 are true?(Choose two.) 

A. The network address is 10.64.0.0 

B. The network address is 10.88.100.0 

C. The network address is 10.88.0.0 

D. The broadcast address is 10.95.255.255 

E. The broadcast address is 10.88.255.255 

F. The broadcast address is 10.64.255.255 

Answer: CD 


QUESTION 184 

Refer to the exhibit. Which two statements are true?(Choose two) 
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Routing Process "ospf 1" with ID 1.1.1.1 
Start time: lw5d. Time elapsed: 4dllh 
Supports only single TOS(TOSO) routes 
Supports opaque LSA 
Supports Link-local Signaling (LLSy 
Supports area transit capability 

Router is not originating router-LSAs with maximum metric 
Initial SPF schedule delay 5000 msecs 

Minimum hold time between two consecutive SPFs 1000G msecs 

Maximum wait time between two consecutive SPFs \ 00Ofc msecs 

Increraental-SPF disabled 

Minimum LSA interval 5 secs 

Minimum LSA arrival 1000 msecs 

LSA group pacing timer 2-90 secs 

Interface flood pacing timer 33 msecs 

Retransmission pacing timer 66 msecs 

Number of external LSA 0. Checksum Sum. 0x000000 

Number of opaque AS LSA 0 r - Checksum Sum 0x000000 

Number of DCbitless external and opaque AS LSA 0 

Number of DoNotAge external and opaque AS LSA 0 

Number of areas in this router is 1. 1 normal 0 stub 0 nssa 

Number of area^trransit capable is 0 

External : xld'6d list length 0 \\ ( 

IETF NSF helper support enabled 
Cisco NSF helper support enabled 
Reference bandwidth unit is 100 mbps 
Area BACKBONE(0) 

Number of interfaces in this area is 2 (1 loopback) 

Area has no authentication \V : A 

SPF algorithm last executed 00: Qt*:TT. 17 6 ago 

SPF algorithm executed 7 times 

Area ranges are , 

Number of LSA 3. Checksum Sum jx 0140E9 
Number of opaque link LSA 0. Checksum Sum 0x000000 , 
— Nu bU&m, jof^6<1sitless LSA 0 
Number of indication LSA 0 

Number of DoNotAge LSA 0 - r — ? 

Flood list length 0 


A. This is the output of the show ip ospf command 

B. This is the output the show ip protocols command 

C. This router is an ABR 

D. Authentication is not configured for the area 

E. This router is an ASBR 

Answer: AD 


QUESTION 185 

Which IS-IS metric style is most suitable for MPLS traffic engineering? 

A. narrow 

B. wide 

C. transition 

D. flat 
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Answer: B 


QUESTION 186 

Which feature must be enabled to support IGMP snooping on a VLAN that is operating without a 
multicast router? 

A. PIM snooping 

B. Auto-RP 

C. The IGMP snooping querier 

D. MLD 

Answer: C 


QUESTION 187 

Which two statements about SNMP are true? (Choose two.) 

A. SNMPv3 provides privacy and access control. 

B. All SNMP versions use get, getNext, and getBulk operations. 

C. SNMPv3 uses encrypted community strings. 

D. SNMPvl and SNMPv2c use plaintext community strings. 

E. All SNMP versions support bulk retrieval and detailed error messages. 

Answer: AD 


QUESTION 188 

Which three conditions must be met for IP routing state of an interface to be up? (Choose three) 

A. Cisco Express Forwarding must be enabled 

B. Cisco Discovery Protocol must be enabled on the interface 

C. The interface line-protocol state must be up 

D. A backup interface must be enabled 

E. Active IP routing must be enabled 

F. The interface must have a known IP address 

Answer: CEF 


QUESTION 189 

Which two statements about DMVPN are true? (Choose two) 

A. It is a tunnel-less VPN technology 

B. It uses automatic IPSec triggering to build IPSec tunnels 

C. It is an open standard 

D. It supports multicast and QoS within tunnels 

E. It provides a routable interface for terminating IPSec tunnels 

F. It allows both the hub and the spokes to use dynamic IP addresses 

Answer: BD 
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QUESTION 190 

Which two options are types of EVCs?(Choose two) 

A. GRE 

B. NSSA 

C. E-line 

D. E-LAN 

E. NMBA 

Answer: CD 


QUESTION 191 

Refer to the exhibit. Which tag will be applied to the 172.16.50.0/24 route? 


ip prefix-list cciel seq 5 permit 172.16.0.0/17 le /.4 

lp prefix-list ccieZ seq S permit 172.16.128.0/17 le 24 

ip prefix-list ccie3 seq 5 permit 172.17.128.0/17 le 24 

route-nap ccie permit 10 

aatcb ip address prefix-list cciel 

«t ug 10 / -■-'• r 

route-nap ccie permit 20 

natch ip address prefix-list ccie2 
set taq 20 

route-nap ccie permit 30 

natch ip address prefix-list ccie3 
set tag 30 

route-nap ccie permit 40 
sec tag 40 


A. 10 

B. 20 

C. 30 

D. 40 

Answer: A 


QUESTION 192 

Which three configuration settings match for switches to be in the same MST region?(Choose 
three) 

A. password 

B. domain name 

C. VLAN names 

D. revision number 

E. VLAN-to-instance assignment 

F. region name 

Answer: DEF 
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QUESTION 193 

Which feature can be used to block traffic from one host to another within one VLAN on a Layer 2 
switch? 

A. port security 

B. dotlx 

C. access list 

D. protected ports 

Answer: D 


QUESTION 194 

Which statements about PMTUD is true? 

A. It is supported by TCP and UDP. 

B. It increases the connection's send MSS value to prevent fragmentation. 

C. GRE tunnels use PMTUD to fragment data packets by default. 

D. It is used to prevent fragmentation of packets at the endpoint of a TCP connection. 

E. It is used to prevent fragmentation of packets traveling across a smaller MTU link between two 
endpoints. 

Answer: A 


QUESTION 195 

When you implement the EIGRP add-paths feature, which configuration can cause routing issues 
on a DMVPN circuit? 

A. disabling ECMP mode underthe EIGRP process. 

B. disabling automatic summarization 

C. enabling next-hop-self under the EIGRP process. 

D. enabling synchronization under the EIGRP process 

E. disabling the default variance underthe EIGRP process 

F. disabling NHRP when deploying EIGRP over DMVPN 

Answer: E 


QUESTION 196 

You are performing a system diagnostics on a CSU in local loop mode and notice that the 
mineseen counter has failed to increment. 

Which type of problem does this behavior indicate? 

A. a cabling problem 

B. an encoding problem 

C. a framing problem 

D. a timing problem 

Answer: D 
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QUESTION 197 

Which two statements about IPsec VTIs are true? (Choose two) 

A. Dynamic VTIs allow you to mix proxy types. 

B. The dynamic VTI is a multipoint interface that can support multiple IPsec SAs. 

C. The IKE SA can be bound to both the VTI and the crypto map in the router. 

D. Static VTIs can use the "IP any any" traffic selector only. 

E. The IPsec transform set must be configured in transport mode. 

F. Static VTIs can encapsulate both IPv4 and IPv6 packets, but IPv4 can carry IPv4 packets and 
IPv6 can carry IPv6 packets. 

Answer: DF 


QUESTION 198 

Refer to the exhibit. Which two statements about the output are true?(Choose two.) 


Switch# show spanning-tree vlan 1 detail 

VLAN0001 is executing the ieee compatible Spanning Tree protocol 
Bridge Identifier has priority 32768, sysid 1, address 
0007.0e3f.04c0 Configured hello time 2, max age 20, forward 
delay 15 Current root has priority 8192, address 0007.4flc.e947 
Root port is 65 (GigabitEthernet2/l), cost of rdot path is 119 
Topology change flag not set, detected flag hot set 
Number of topology changes 1 last change occurred 00:00:35 ago 
from GigabitEthernetl/1 

Times: hold 1, topology change 35, notification 2 

hello 2, max age 20, forward delay 15 
Timers: hello 0, topology change 0> notification 0, aging 300 

Switch# ,o (2. _v-£r— (2. _ 


A. Setting the priority of this switch to 0 for VLAN 1 would cause it to become the new root. 

B. This switch is the root bridge for VLAN1 

C. Spanning-tree PortFast should not be enabled on GigabitEthernet2/1 

D. 802.1w spanning tree is being used 

E. Spanning tree PortFast is enabled on GigabitEthernetl/1 

Answer: AC 


QUESTION 199 

Which encryption algorithm is enabled by the Cisco IOS command service password-encryption ? 

A. MD5 

B. Cisco Type-5 

C. Cisco AES 

D. Cisco Type-7 

E. TKIP 
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Answer: D 


QUESTION 200 

Which three fields are present in the IPv6 header? (Choose three) 

A. Next Header 

B. Traffic Class 

C. Options 

D. Time to Live 

E. Flags 

F. Flow Label 

Answer: ABF 


QUESTION 201 

Which three technologies can be used to implement redundancy for IPv6? (Choose three) 

A. IPv6 NA 

B. NHRP 

C. HSRP 

D. DVMRP 

E. GLBP 

F. IPv6 RA 

Answer: CEF 


QUESTION 202 

An IPv6 network has different MTUs on different segments, if the network is experiencing 
reliability issues, which option is the most likely reason? 

A. ICMPv6 is filtered. 

B. The Do Not Fragment bit is marked. 

C. HSRPv6 is configured incorrectly. 

D. The MTU size is greater than 1470 bytes. 

Answer: A 


QUESTION 203 

What are two reasons for an OSPF neighbor relationship to be stuck in exstart/exchange state? 
(Choose two.) 

A. There is an area ID mismatch 

B. There is an MTU mismatch 

C. Both routers have the same router ID. 

D. There is an authentication mismatch 

E. Both routers have the same OSPF process ID 

Answer: BC 
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QUESTION 204 

Which IP SLA operation requires Cisco endpoints? 

A. UDP Jitter for VoIP 

B. ICMP Path Echo 

C. ICMP Echo 

D. UDP Jitter 

Answer: A 


QUESTION 205 

What are two functions of an NSSA in an OSPF network design ?(Choose two) 

A. It overcomes issues with suboptimal routing when there are multiple exit points from the areas 

B. It uses opaque LSAs 

C. It allows ASBRs to inject external routing information into the area 

D. An ASBR advertises type 7 LSAs into the area 

E. An ABR advertises type 7 LSAs into the area 

Answer: CD 


QUESTION 206 

Which two statements about out-of-order packet transmission are true? (Choose two.) 

A. It can occur when packets are duplicated and resent 

B. It occurs only over TCP connections 

C. It can occur when packets are dropped and resent 

D. It can occur when packets take the same path to arrive at the same destination 

E. It can occur when packets use different paths to arrive at the same destination. 

Answer: BE 


QUESTION 207 

What is used to acknowledge the receipt of LSPs on a point-to-point network in IS-IS? 

A. hello 

B. CSNP 

C. PSNP 

D. IIH 

E. CSH 

Answer: C 


QUESTION 208 

Which two options are restrictions of BGP ORF? (Choose two) 

A. It can be used only with IPv4 multicast. 

B. It requires access lists to match routes. 
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C. It can be used only with eBGP. 

D. Multicast is not supported. 

E. It can be used only with iBGP. 

Answer: CD 


QUESTION 209 

What are the two Cisco recommended methods for reducing the size of the TCAM on a Layer 3 
switch? (Choose two) 

A. Use the ip route profile command. 

B. Adjust the output queue buffers. 

C. Filter unwanted routes. 

D. Optimize the SDM template. 

E. Use summary routes. 

Answer: CE 


QUESTION 210 

Refer to the exhibit. Which statement is true? 



A. The Cisco PfR state is UP; however, the external interface Et0/1 of border router 10.1.1.1 has 
exceeded the maximum available bandwidth threshold. 

B. The Cisco PfR state is UP; however, an issue is preventing the border router from establishing a 
TCP session to the master controller. 

C. The Cisco PfR state is UP and is able to monitor traffic flows; however, MD5 authentication has 
not been successful between the master controller and the border routers. 

D. The Cisco PfR State is UP; however, the receive capacity was not configured for inbound traffic. 

E. The Cisco PfR state is UP, and the link utilization out-of-policy threshold is set to 90 percent for 
traffic exiting the external links. 


Get Latest & Actual Amazon Exam's Question and Answers from Passleader. 


http://www.passleader.com 


79 
























Pass Leader’ 

Leader of IT Certifications 


Answer: E 


QUESTION 211 

Which two statements about TCP MSS are true? (Choose two.) 

A. The two endpoints in a TCP connection report their MSS values to one another. 

B. It operates at Layer 3. 

C. MSS values are sent in TCP SYN packets 

D. It sets the maximum amount of data that a host sends in an individual datagram 

E. It sets the minimum amount of data that a host accepts in an individual datagram 

Answer: CD 


QUESTION 212 

Which Cisco PfR monitoring mode is recommended for Internet edge deployments? 

A. active mode 

B. fast mode 

C. active throughput mode 

D. passive mode 

Answer: D 


QUESTION 213 

Which Catalyst switch feature configured on a per-port basis can be used to prevent attached 
hosts from joining select multicast group? 

A. IGMP Filtering 

B. MLD Filtering 

C. IGMP Snooping 

D. PIM Snooping 

Answer: A 


QUESTION 214 

Which information is contained in an OSPF Type 7 Not-So-Stubby Area NSSA External LSA? 

A. The paths and costs to all OSPF NSSA areas that are external to the current area. 

B. The path and costs to reach other stub area border routers in the OSPF routing domain. 

C. The address of routers that connect the current area to other areas and the cost to reach those 
routers. 

D. External network address,mask,and cost to reach each network that is external to the OSPF 
domain and only within the NSSA 

E. The external network address,mask,and cost to reach networks that are external to the OSPF 
NSSA,including the default route. 

Answer: D 
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QUESTION 215 

Drag and Drop Question 

Drag each set action for policy-based routing on the left to the matching statement on the right. 


default next-hop 


A 

used for QoS 



OF 


used for traffic to a destination 1 




frA /rtwt-hoo 


VV JJ 

used for traffic vrtiose next t>ap s {&« ron-adjacert router 




next-hop recursive 


used b override the routing table ‘s adjacent selection 




precedence 


Ql 

used to troubleshoot tunneling issues 


Answer: 



QUESTION 216 

Drag and Drop Question 





6to4 tunneling 


Configures parallel IPv4 and IPv6 network 
infrastructure and address 


^ fr\\\ 



duel stack 


Translates traffic between IPv4 and IPv6 
address 

( 

's. 


n fX ^ Cr\ \ tO \ 


-\ 77 1 ■ 

IPv6 to IPv4 GRE tunneling 


Uses any IPv6 unicast site address 


\ \ .A. ^ 

\\ 


ISATAP tunneling 


Uses IPv6 site address with in the 2002::/16 
prefix 





NAT-PT 


Uses standard point-to-point encapsulation 



i 

ft 
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Answer: 



QUESTION 217 

Drag and Drop Question 

IPv4 host address on the left to the matching network address on the right. 




Answer: 
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QUESTION 218 

Drag and Drop Question 

Drag and drop each EIGRP packet type from the left onto the matching description on the right. 


hetto 


a packet that establishes and maintains neighbor adjacencies 




query 

i>c 

a pocket that B sent to inform neighbors of the presence of a 1 

feasible successor 



- 1 


1 1 

d packet that Is sent to loss of a 

request 

■ i 

1 

a packet that presides destination information so that 
neighbors can poptiate their topologv tables 

update 

1 

; -^y^l^that is used in route server appkrations 

1 ' - -- ^ f 


Answer: 
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heflo ins neighbor adjacencies j 

--- /^\\v\\ u 


3rs of the presence of a I 


458^ 1 

Ci toss of a 

query 


m for matron so that 

update opotogy tables 


^ <spp * catCns 1 

J -- —zr ( 


QUESTION 219 

Drag and Drop Question 


A policy written in Td 


Defined offline and copied to the device 


Registered only when bn event is specified 


EEM Applet 


— 


_ 


m 


_ 


Supports events without action 


Supports keyword extensions for developing policies 




Suppons only one e^ent Configuration command in its 
( configuration 


EEM Script 


XX 


_ 


—- 


Answer: 
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EEM Applet 



Registered only when an event is specified 

( 

_ 


Supports events without action 


^ /b\V 



Supports only one event Conjuration command in its 
configuration 



EEM Script 


A policy written in Td 

Vj 

( 


Supports keyword extensions for developing polities > 




Defined offline and copied to the device 




QUESTION 220 

Drag and Drop Question 


Client to Server Communication 

_ 




( 












Server to Client Communication 










- 

} 





-1 


Answer: 
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O 


O 


Client to Server Communication 

rSi -- 



DHCP DISCOVER 


3Z 





DHCP REQUEST 







Server to Client Communication 


( 



_ DHCP ACK 

1 

\\vv 

DHCP OFFER 


OHCpNAij Cfu(SP' r '" 


; 


QUESTION 221 

Drag and Drop Question 



Answer: 
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Stateless NAT64 



performs 1:1 translation 



provides end-to-end address transparency gCS' ( 

requires IPv6 address assignments that can be translated to 

IPv4 //\ 

A (c>\ wastes IPv4 address 


Stateful NAT64 


conserves IPv4 addresses 


V 

creates a unique binding for every translation 



performs 1:N translation 



supports all modes of IPv6 address assignment 





QUESTION 222 

Drag and Drop Question 

Drag and Drop Question the OpenStack projects from the left onto their function on the right. 


Neutron 


provides connectivity for the VM 



Npyfc fPv 


provides volume for the VM 





provisions the VM 



O 'tSncHr 


<rpfcides the image for the VM 


Answer: 



QUESTION 223 

Which encapsulation is used when deploying EIGRP OTP? 

A. GRE 

B. LISP 

C. PPP 
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D. dotlq 

E. MPLS 

F. ISL 

Answer: B 


QUESTION 224 

What are three valid HSRP states? (Choose three) 

A. listen 

B. learning 

C. full 

D. established 

E. speak 

F. INIT 

Answer: ABE 


QUESTION 225 

Refer to the exhibit. What kind of problem is detected? 


Router#ping 
Protocol [ip]: 

Target IP address: 209.165.200.200 
Repeat count [5]: 1 
Datagram size [100]: 

Timeout in seconds [2]: 

Extended commands [n]: y 
Source address or interface: 

Type of service [0]: 

Set DF bit in IP header? [no]: y 
Validate reply data? [no]: 

Data pattern [OxABCD]: 

Loose, Strict, Record, Timestamp, Verbose[none]: 

Sweep range of sizes [n]: y 
Sweep min size [36]: 1460 
Sweep max size [18024]: 1500 
Sweep interval [1]: 

Type escape sequence to abort. 

Sending 41, [1460..1500]-byte ICMP Echos to 209.165.200.200, 
timeout is 2 seconds: 

Packet sent with the DF bit set 
!M!M!H!!!!!!!!f!!f!!!I!!M!I!!MMMMMMMM 

Success rate is 80 percent (33/41), round-trip min/avg/max = 

28/28/32 ms 

Router# 


A. The packet types that are being sent are unknown. 
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B. The maximum MTU size that can be used is 1492. 

C. Waiting for a reply timed out. 

D. Fragmentation starts to occur when the MTU of 1472 is reached. 

Answer: B 


QUESTION 226 

Refer to the exhibit. The OSPF adjacency between two routers cannot be established. 
What is the root cause of the problem? 


El Open Shortest Path First 

B Open Shortest Path First 

El OSPF Header 

□ OSPF Header 

Version: 2 

Version: 2 

Message Type: Hello Packet (1) 

Message Type: Hello Packet (1) 

Packet Length: 44 

Packet Length: 44 

Source OSPF Router: 10.155.255.1 (10.155.255.1) 

Source OSPF Router: 10.155.255.2 (10.155.255.2) 

Area ID: 0.0.0.10 (0.0.0.10) 

Area ID: 0.0.0.10 (0.0.0.10) 

Checksum: 0x0000 (None) 

Checksum: 0x0000 (None) 

Auth Type: Cryptoqraphic (2) 

Auth Type: Cryptoqraphic (2) 

Auth Crypt Key id: 121 

Auth Crypt Key id: 121 

Auth Crypt Data Lenqth: 16 

Auth Crvpt Data Lenqth: 16 

Auth Crypt Sequence Number: 1421584632 

Auth Crypt Sequence Number: 1421584519 

Auth Crypt Data: 589382284493al312be3511bd£6673cd 

Auth Crypt Data: el35d573c8e2f5e89cd336e80cccf398 

□ OSPF Hello Packet 

□ OSPF Hello Packet 

Network Mask: 255.255.255.0 (255.255.255.0) 

Network Mask: 255.255.255.0 (255.255.255.0) 

Hello Interval [sec]: 10 

Hello Interval [sec]: 10 

□ Options: 0x12 (L, E) 

□ Options: 0x18 (L, NP) 

0.= DN: Not set 

0.= DN: Not set 

.0.=0: Not set 

.0.= O: Not set : 

..0.= DC: Demand Circuits are NOT supported 

.. 0.= DC: Demand Circuits are NOT supported 

...1 .... = L: The packet contains LLS data block 

...1 .... = L: The packet contains LLS data block 

.... 0... = NP: NSSA is NOT supported 

.... 1... = NP: NSSA is supported 

.0.. = MC: NOT Multicast Capable 

.0.. = MC: NOT Multicast Capable 

.1. = E : External Routing Capability 

.0. = E : NO External Routing Capability 

.0 = MT: NO Multi-Topoloqy Routing 

.0 = MT: NO Multi-Topoloqy Routing 

Router Priority: 1 

Router Priority: 10 

Router Dead Interval [sec]: 40 

Router Dead Interval [sec]: 40 

Designated Router: 10.155.135.1 (10.155.135.1) 

Designated Router: 10.155.135.2 (10.155.135.2) 

Backup Designated Router: 0.0.0.0 (0.0.0.0) 

Backup Designated Router: 0.0.0.0 (0.0.0.0) 

El OSPF LLS Data Block 

0 OSPF LLS Data Block 


A. Both routers are designated routers. 

B. different area ID 

C. mismatched OSPF network types 

D. authentication error 

E. area type mismatch 

Answer: E 


QUESTION 227 

Refer to the exhibit. Which two statements about the given NetFlow configuration are 
true?(Choose two) 
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A. It supports a maximum of 2048 entries 

B. It supports only IPv4 flows 

C. It supports both IPv4 and IPv6 flows 

D. It supports only IPv6 flows 

E. It uses the default port to send flows to the exporter 

Answer: BE 


QUESTION 228 

Refer to the exhibit. Which OSPFv3 routes will be visible in the routing table of R2? 


Rl: 

interface Locpback.0 
ip address 1.1.1.1 255.255.255.0 
ipv6 address 2001:12::1/128 
ipv6 rip RIPNG enable 

i 

interface FastEthernetO/O 
ip address 10.1.12.1 

255.255.255.0 
duplex auto 
speed auto 

ipv6 address 2001:112::1/64 
ipv6 cspf 1 area 0 

j 

interface FastEthernetO/1 
no ip address 
shutdown 
duplex auto 
speed auto 

j 

ip forward-protocol nd 


no ip http server 

no ip http secure-server 

j 

ipv6 router ospf 1 
log-adjacency-changes 
redistribute rip RIPNG 

j 

ipv6 router rip RIPNG 



R2: 

interface LoopbackO 
ip address 2.2.2.2 255.255.255.0 
ipv6 address 2001:12::2/126 
ipv6 rip RIPNG enable 

J 

interface FastEthernet0/0 
ip address 10.1.12.2 

255.255.255.0 
duplex auto 
speed auto 

ipv6 address 2001:112::2/64 
ipv6 ospf 1 area 0 

I 

interface FastEthernetO/1 
no ip address 
shutdown 
duplex auto 
speed auto 

ip forward-protocol nd 


no ip http server 

no ip http secure-server 


ipv6 router ospf 1 
log-adjacency-changes 
redistribute rip RIPNG include- 
connected 

i 

ipv6 router rip RIPNG 


A. 2001:12-1/128 

B. 2001:12-1/128, 2001:112::1/128 

C. 2001:12::2/128 
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D. No OSPFv3 routes will be visible. 

Answer: D 
Explanation: 

You should add “include-connected” when redistributing from RIPNG to OSPFv3 to redistribute 
that loopback. 


QUESTION 229 

Refer to the exhibit. Which AS paths are matched by this access list? 


ip as-path acce33-list 1 permit ~64496_[0-9]*$ 


A. the origin AS 64496 only 

B. the origin AS 64496 and any ASs after AS 64496 

C. the directly attached AS 64496 and any ASs directly attached to AS 64496 

D. the directly attached AS 64496 and any longer AS paths 

Answer: C 


QUESTION230 

What is the main function of VRF-lite? 

A. To allow devices to use labels to make Layer 2 Path decisions 

B. To segregate multiple routing tables on a single device 

C. To connect different autonomous systems together to share routes 

D. To route IPv6 traffic across an IPv4 backbone 

Answer: B 


QUESTION 231 

Which feature can you implement to most effectively protect customer traffic in a rate-limited 
WAN Ethernet service? 

A. HCBWFQ 

B. IntServ with RSVP 

C. DiffServ 

D. The IPsec VTI qos pre-classify command 

E. Q-in-Q 

Answer: B 


QUESTION 232 

Which technology can be used to prevent flooding of IPv6 multicast traffic on a switch? 

A. IGMP snooping 

B. IGMP filtering 
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C. MLD snooping 

D. MLD filtering 

Answer: C 


QUESTION 233 

Which two statements about logging are true? (Choose two.) 

A. Log messages are sent to the console port by default. 

B. Log messages are displayed in a Telnet session by default. 

C. Interface status changes are logged at the Notification level. 

D. Interface status changes are logged at the Informational level. 

E. System restart messages are logged at the Critical level. 

F. Reload requests are logged at the Notification level. 

Answer: AC 
Explanation: 

By default, switches send the output from system messages and debug privileged EXEC 
commands to a logging process. The logging process controls the distribution of logging 
messages to various destinations, such as the logging buffer, terminal lines, or a UNIX syslog 
server, depending on your configuration. The process also sends messages to the console. 

The software generates four other categories of messages: 

• Error messages about software or hardware malfunctions, displayed at levels warnings through 
emergencies. These types of messages mean that the functionality of the switch is affected. For 
information on how to recover from these malfunctions, see the system message guide for this 
release. 

• Output from the debug commands, displayed at the debugging level. Debug commands are 
typically used only by the Technical Assistance Center. 

• Interface up or down transitions and system restart messages, displayed at the notifications 
level. This message is only for information; switch functionality is not affected. 

• Reload requests and low-process stack messages, displayed at the informational level. This 
message is only for information; switch functionality is not affected. 
http://www.cisco.eom/c/en/us/td/docs/switches/lan/catalyst2960/software/release/12- 
2_55_se/configuration/guide/scg_2960/swlog.html 


QUESTION 234 

Which two statements about asymmetric routing are true? (Choose two) 

A. It can cause packet loss over stateful ICMP and UDP connections. 

B. It can cause packet loss when a stateful firewall is in use. 

C. It can cause TCP connections to close. 

D. It can cause packet loss when NAT is in use. 

E. It is uncommon in large networks. 

Answer: BD 


QUESTION 235 

Which command can you use to redistribute IBGP routes into the IGP? 

A. no synchronization 

B. redistribute protocol process-number 
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C. bgp redistribute-internal 

D. synchronization 

Answer: C 


QUESTION 236 

Which option is the origin code when a route is redistributed into BGP? 

A. IGP 

B. EGP 

C. external 

D. incomplete 

E. unknown 

Answer: D 


QUESTION 237 

Which data plane protocol does EIGRP Over the Top use? 

A. MPLS 

B. GRE 

C. LISP 

D. IP-in-IP 


Answer: C 


QUESTION 238 

Refer to the exhibit. Which kind of ICMPv6 packet is shown in the output? 

I;Ethernet II, Src: D-Link_ac:fe:56 (00:50:ba:ac:fe:56), Dst: IPv6-Neighbor-Discovery_ff:84:18:d9 (33:33:ff:84:18:d9) 
[ iDestination: IPv6-Neighbor-Discovery_ff:84:18:d9 (33:33:ff:84:18:d9) 

Address: IPv6-Neighbor-Discovery_ff:84:18:d9 (33:33:ff:84:18:d9) 

.1.= Multicast: This is a MULTICAST frame 

.1.= Locally Administrated Address: This is NOT a factory default address 

H Source: D-Link_ac:fe:56 (00:50:ba:ac:fe:56) 

Address: D-Link_ac:fe:56 (00:50:ba:ac:fe:56) 

.0.= Multicast: This is a UNICAST frame 

.0.= Locally Administrated Address: This is a FACTORY DEFAULT address 

Type: IPv6 (0x86dd) 

Internet Protocol Version 6 
Version: 6 
Traffic class: 0x00 
Flowlabel: 0x00000 
Payload length: 32 
Next header: ICMPv6 (0x3a) 

Hop limit: 255 

Source address: fe80::250:baff:feac:fe56 
Destination address: ff02::l:ff84:18d9 
Internet Control Message Protocol v6 
Type: 135 
Code: 0 

Checksum: 0xc92d [correct] 

Target: fe80::20e:cff:fe84:18d9 
E] ICMPv6 options 

Type: 1 (Source link-layer address) 

Length: 8 bytes (1) 

Link-layer address: 00:50:ba:ac:fe:56 

A. neighbor advertisement 

B. neighbor solicitation 

C. router discovery 
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D. time exceeded 

E. router advertisement 

Answer: B 


QUESTION 239 

Which PIM mode can forward traffic by using only (*. G) routing table entries? 

A. dense mode 

B. sparse-dense mode 

C. sparse mode 

D. bidrirectional mode 

Answer: D 


QUESTION 240 

Which three factors does Cisco PfR use to calculate the best exit path? (Choose three.) 

A. quality of service 

B. packet size 

C. delay 

D. loss 

E. reachability 

F. administrative distance 

Answer: CDE 


QUESTION 241 

Drag and Drop Question 



Answer: 
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Drag and drop the BGP attribute on the left to the correct category on the right. 



BGP Well-Known Mandatory Attribute 


AS_path 

Community 



Next-Hop 





BGP Well-Known Discretionary Attribute 


Local-Pref 

Aggregator 




BGP Optional Nontransitive Attribute 


Originator ID 


QUESTION 242 

Drag and Drop Question 

Drag and drop the BGP attributes on the left to the correct category on the right. 



QUESTION 243 

Drag and Drop Question 

Drag and drop the BGP attribute on the left to the correct category on the right. 
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Answer: 



QUESTION 244 

Drag and Drop Question 

Drag and drop the BGP attribute on the left to the correct category on the right. 


Originator ID 


Community 


Local-Preference 


AS Path 


Cluster List 


Origin 


B GP Well-Known Mandatory Attribute 


1 


B GP Well-Known Discretionary Attribute 


1 



Answer: 


Get Latest & Actual Amazon Exam's Question and Answers from Passleader. 


http://www.passleader.com 


96 












































































































































Pass Leader’ 

Leader of IT Certifications 


Originator ID 


Cluster List 



BGP Optional Transitive Attribute 


Community 




QUESTION 245 

Which type of port would have root guard enabled on it? 

A. A root port 

B. An alternate port 

C. A blocked port 

D. A designated port 

Answer: D 


QUESTION 246 

How does MSTP maintain compatibility with RSTP? 

A. The system ID of an RSTP BPDU is padded with extra bytes to match the format of an MSTP 
BPDU. 

B. RSTP encodes region information from an MSTP BPDU into a single instance. 

C. MSTP sends all spanning-tree information in one BPDU. 

D. RSTP implements a TTL that is compatible with the MSTP max age timer. 

E. MSTP supports five port states in the same way as RSTP. 

Answer: C 


QUESTION 247 

Which statement about a type 4 LSA in OSPF is true? 

A. It is an LSA that is originated by an ABR, that is flooded throughout the AS, and that describes a 
route to the ASBR. 

B. It is an LSA that is originated by an ASBR, that is flooded throughout the AS, and that describes a 
route to the ASBR. 

C. It is an LSA that is originated by an ASBR, that is flooded throughout the area, and that describes a 
route to the ASBR. 
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D. It is an LSA that is originated by an ABR, that is flooded throughout the AS, and that describes a 
route to the ABR. 

E. It is an LSA that is originated by an ABR, that is flooded throughout the area, and that describes a 
route to the ASBR. 

Answer: E 


QUESTION 248 

Which option describes how a router responds if LSA throttling is configured and it receives the 
identical LSA before the interval is set? 

A. The LSA is added to the OSPF database and a notification is sent to the sending router to slow 
down its LSA packet updates. 

B. The LSA is added to the OSPF database. 

C. The LSA is ignored. 

D. The LSA is ignored and a notification is sent to the sending router to slow down its LSA packet 
updates. 

Answer: C 


QUESTION 249 

When you deploy DMVPN, what is the purpose of the command crypto isakmp key ciscotest 
address 0.0.0.0 0.0.0.0 ? 

A. It is configured on hub and spoke router to establish peering 

B. It is configured on hub to set the pre-shared key for the spoke routers 

C. It is configured on the spokes to indicate the hub router 

D. It is configured on the Internet PE routers to allow traffic to traverse the ISP core 

Answer: B 


QUESTION 250 

Which statement is true about conditional advertisements? 

A. Conditional advertisements create routes when a predefined condition is met. 

B. Conditional advertisements create routes when a predefined condition is not met. 

C. Conditional advertisements delete routes when a predefined condition is met. 

D. Conditional advertisements create routes and withhold them until a predefined condition is met. 

E. Conditional advertisements do not create routes, they only withhold them until a predefined 
condition is met. 

Answer: E 


QUESTION 251 

Refer to the exhibit. R1 is performing mutual redistribution, but OSPF routes from R3 are unable 
to reach R2. Which three options are possible reasons for this behavior? (Choose three.) 
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A. R1 requires a seed metric to redistribute RIP. 

B. The RIP version supports only classful subnet masks. 

C. R1 is filtering OSPF routes when redistributing into RIP. 

D. R3 and R1 have the same router ID. 

E. R1 and R3 have an MTU mismatch. 

F. R2 is configured to offset OSPF routes with a metric of 16. 

Answer: ACF 


QUESTION 252 

Which two statements about the client-identifier in a DHCP pool are true? (Choose two.) 

A. It specifies a unique identifier that is used only for DHCP requests. 

B. It is specified by appending 01 to the MAC address of a DHCP client. 

C. It specifies a hardware address for the client. 

D. It specifies a unique identifier that is used only for BOOTP requests. 

E. It requires that you specify the hardware protocol. 

Answer: AB 


QUESTION 253 

Drag and Drop Question 

Drag and drop the NAT operations on the left into the correct sequential order on the right. 
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Drag and drop the NAT operations on the left into the correct sequential order on the right. 



Answer: 



Drag and drop the NAT operations on the left into the correct sequential order on the right. 




Check the IP routing table 


Check the inbound access list 



Check the outbound access list 

Check the policy routing 


Check the inbound access list 

Check the IP routing table. 



Inspect CBAC 


Translate inside local to outside global. 



Translate inside local to outside global 


Check the outbound access list. 


Check the policy routing 


Inspect CBAC. 


QUESTION 254 

Which TCP feature allows a client to request a specific packet that was lost? 

A. flow control 

B. sliding window 

C. fast recovery 

D. selective acknowledgment 

Answer: D 


QUESTION 255 

Which three modes are valid for forming an EtherChannel between the ports of two switches? 
(Choose three.) 

A. Active/active 

B. Active/passive 

C. Passive/passive 

D. Auto/auto 

E. Auto/desirable 

F. Desirable/on 

Answer: ABE 


QUESTION 256 

Which two statements about Cisco Express Forwarding are true? (Choose two.) 
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A. Cisco Express Forwarding tables contain reachability information and adjacency tables contain 
forwarding information. 

B. Cisco Express Forwarding tables contain forwarding information and adjacency tables contain 
reachability information. 

C. Changing MAC header rewrite strings requires cache validation. 

D. Adjacency tables and Cisco Express Forwarding tables can be built separately. 

E. Adjacency tables and Cisco Express Forwarding tables require packet process-switching. 

Answer: AD 


QUESTION 257 

Drag and Drop Question 

Drag and drop the EIGRP query condition on the left to the corresponding action taken by the 
router on the right. 


The EIGRP table is missing an entry for the route 


A feasible successor is installed in the routing table, 
and a reply 



The EIGRP table lists the querying router as the 
successor for 


The router replies with the successor information 



The querying router is the successor, and no feasible 
_successor exists_ 


The router replies to the query with an unreachable 

messane 



the EIGRP table has a successor 


The router send a query on all interfaces except the 
_interface that had thp surrpssnr rnutp_ 


Answer: 


The EIGRP table lists the querying router as the 
successor for 


the EIGRP table has a successor 


The EIGRP table is missing an entry for the route 


The querying router is the successor, and no feasible 
_ surrpssnr exists _ 


QUESTION 258 

Drag and Drop Question 

Drag and drop the MPLS term on the left to the function it performs on the right. 
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label 


instructs the router to keep the label when forwarding 



implcit-nul 


groups IP packets so that they are given 
the samp fnrwardinn trpatmpnt 



explicit-null 


identifies the group to which an IP packet belongs 



penultimate hop popping 


instructs the penultimate router to pop the label 
before 



FEC 


identifies a layer 2 MPLS connection from one device 
to 



virtual circuit 


pops an MPLS label off one hop before its final 
destination 


Answer: 



explicit-null 



FEC 


label 



implicit-null 

virtual circuit 


penultimate hop popping 


QUESTION 259 

Drag and Drop Question 

Drag and drop each IPv6 neighbor discovery message type on the left to the corresponding 
description on the right. 


Get Latest & Actual Amazon Exam's Question and Answers from Passleader. 


http://www.passleader.com 


102 


















































Pass Leader’ 

Leader of IT Certifications 


neighbor redirect 


The message a node uses to share its link-layer 
address 



router solicitation 


The message a node uses to notify hosts on the 
link of a better first-hop for a destination 



router advertisement 


The message a node uses to discover the link-local 
addresses of other nodes on the link 



neighbor advertisement 


The message a node uses to share information 
about its status and its local prefixes 



neighbor solicitation 


The message a host sends when it starts up, 
requesting local routers to transmit information 


Answer: 


neighbor redirect 

neighbor advertisement 



router solicitation 

neighbor redirect 



router advertisement 


neighbor solicitation 



neighbor advertisement 


router advertisement 



neighbor solicitation 


router solicitation 


QUESTION 260 

Drag and Drop Question 

Drag and drop each step of the Unicast RPF process on the left into the correct order on the right. 
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Unicast RPF performs a CEF table lookup for packet 
forwarding. 


1 



Unicast RPF performs a reverse lookup of the return 
path in 


2 



The packet is received on the interface. 


3 



The output ACL is checked on the forwarding 
interface. 


4 



The packet is forwarded. 


5 



The packet is checked against the inbound ACL. 


6 

Answer: 


:Unicast RPF performs a CEF table lookup for packet 
forwarding. 


The packet is received on the interface. 



Unicast RPF performs a reverse bokup of the return 
_oathin_ 


The packet is checked against the inbound ACL. 



The packet is received on the interface. 


Unicast RPF performs a reverse lookup of the return 
path in 



The output ACL is checked on the forwarding 
interface. 


Unicast RPF performs a CEF table lookup for packet 
forwarding. 



The packet is forwarded. 


The output ACL is checked on the forwarding 
interface. 



The packet is checked against the inbound ACL. 


The packet is forwarded. 


QUESTION 261 

Drag and Drop Question 

Drag each routing protocol on the left to the matching statement on the right. 
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BGP 


Has low resource usage and can be configured to 
send either unicast or multicast updates. 



ISIS 


Has high resource usage and requires the 
administrator to modify routing behavior to limit the 

infnrmpHnn fhpl- k cpnf fn nnn-h^rkhnnp Ipv/pIq 



OSPP 


Has high resource usage and supports a proprietary 
Cisco option to perform primary route calculation. 



RIPv2 


Has high resource usage and uses TLV to 
incorporate features. 


Answer: 




QUESTION 262 

Drag and Drop Question 

Drag and drop each BGP attribute on the left into the priority order in which the attributes are 
preferred when determining the best path on the right. 


highest LOCAL_PREF 

First 

| 

highest WEIGHT 

Second 

locally originated path 

Third 

lowest MED 

Fourth 

lowest origin type 

Fifth 

shortest AS_PATH 

Sixth 


Answer: 
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1 — 1 

highest LOCAL PREF | 

highest WEIGHT 

highest WEIGHT 

highest LOCAL PREF 

locally originated path | 

locally ohginated path 

lowest MED 

shortest AS_PATH 

lowest origin type 

lowest origin type 

shortest AS_PATH 

lowest MED 




QUESTION 263 

Drag and Drop Question 

Drag each OSPFv2 SA parameter on the left to its corresponding description on the right 



Answer: 
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QUESTION 264 

Which two statements about IS-IS authentication are true? (Choose two.) 

A. Level 2 LSPs transmit the password encrypted inside the IS-IS PDU. 

B. Area and domain authentication must be configured together. 

C. Passwords can be configured on a per-interface basis. 

D. If LSP authentication is in use, unauthorized devices can form neighbor adiacencies. 

E. Lever 1 LSPs use the domain password. 

Answer: CD 


QUESTION 265 

Which three options are the main security features in SNMPv3? (Choose three) 

A. authentication 

B. MIB persistence 

C. message integrity 

D. authorization 

E. encryption 

F. accounting 

Answer: ACE 


QUESTION 266 

Which two authentication mechanisms are supported by SNMPv3 ?(Choose two) 

A. SHA 

B. username without password 

C. username and password 
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D. DES 

E. a community string 

F. 265-bit AES 

Answer: AC 


QUESTION 267 

Which two hashing algorithms can be used when configuring SNMPv3? (Choose two.) 

A. MD5 

B. SHA-1 

C. Blowfish 

D. DES 

E. AES 

F. SSL 

Answer: AB 


QUESTION 268 

Which two statements about the default SNMP configuration are true? (Choose two.) 

A. The SNMP agent is enabled. 

B. The SNMP trap receiver is configured. 

C. All SNMP notification types are sent. 

D. SNMPvl is the default version. 

E. SNMPv3 is the default version. 

Answer: CD 


QUESTION 269 

Refer to the exhibit. Which authentication method can the device use as an altermate to the pre¬ 
shared key? 



A. clear-text 

B. certificate 
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C. 802.1 x 

D. null 

Answer: D 


QUESTION 270 

Which option is the task of an IGMP Snooping Quenier? 

A. It facilitates populating the group membership tables on IGMP Snooping-enabled switches 

B. It sends PIM-SM messages to all multicast routers 

C. It can limit the number of multicast messages a host receives 

D. It coordinates the election of a mapping agent 

Answer: A 


QUESTION 271 

Which two actions can you take to prevent routes from becoming stuck in active?(Choose two) 

A. Design the network so that it uses the lowest possible number of quenes 

B. Manually increase the EIGRP metrics on interfaces connected to successors 

C. Use port channeling to aggregate multiple EIGRP interfaces 

D. Increase the EIGRP K values on low-bandwidth interfaces 

E. Increase the time a router waits before it declares routes stuck in active 

F. Increase the Hello timers on all EIGRP interfaces 

Answer: AE 


QUESTION 272 

Refer to the exhibit.What are two effects of the given configuration?(Choose two) 


track 1 interface Ethemetl/O line—protocoi 

track 2 interface Ethemetl/1 line—protocol 

track 3 interface Ethemetl/2 line-protocol 

track 100 list threshold veight 

object 1 weight 15 
object 2 weight 20 
object 3 weight 30 
threshold weight down 10 up 30 


A. The aggregate weight of track object 100 is set to 30 

B. Track object 100 goes down if Ethernetl/2 goes down 

C. Track object 100 goes down if all three interfaces go down 

D. Track object 100 goes down if Ethernet 1/0 goes down 

E. The aggregate weight of track object 100 is set to 40 

F. Track object 100 stays up as long as both Ethernet 1/0 and Ethernet 1/1 are up 


Get Latest & Actual Amazon Exam's Question and Answers from Passleader. 


http://www.passleader.com 


109 


















Pass Leader* 

Leader of IT Certifications 


Answer: CF 


QUESTION 273 

Which two statements about MPLS label stack encoding are ture?(Choose two) 

A. The TTL is significant only on the top label 

B. When a device forwards a labeled packet,it must copy the TTL of the outgoing label to the top 
label 

C. MPLS labels are encoded in little-endian format 

D. When an MPLS label stack undergoes the swap operation,it swaps the top and bottom labels 

E. When a device forwards a labeled packet,it must copy the TTL of the incoming label to the 
outgoing label 

Answer: AC 


QUESTION 274 

Which statement is true about trunking? 

A. Cisco switches that run PVST+ do not transmit BPDUs on nonnative VLANs when using a 
dotlq trunk 

B. DTP only supports autonegotiation on 802.1 q and does not support autonegotiation for ISL 

C. DTP is a point-to-point protocol 

D. When removing VLAN 1 from a trunk,management traffic such as CDP is no longer passes in 
that VLAN 

Answer: C 


QUESTION 275 

Refer to the exhibit. Which two conclusions can you draw from this output? (Choose two) 



---- 

ICMP, redirect sent to 192.168.5. 119 for dear 10 .9. 132.254 , uae gw 192.168.5.1 

i 



A. The packet was source-routed 

B. The device that produced the output uses different interfaces to send and receive traffic to and 
from the device at 10.9.132.254 

C. The device at the 192.168.5.119 routing tables has an ARP entry for the device at 
10.9.132.254 

D. The device that produced the output uses the same interface to send and receive traffic to and 
from the device at 10.9.132.254 

E. The device at 192.168.5.119 is on the same subnet as the next hop for the device at 
10.9.132.254 

Answer: DE 


QUESTION 276 


Get Latest & Actual Amazon Exam's Question and Answers from Passleader. 


http://www.passleader.com 


110 























Pass Leader’ 

Leader of IT Certifications 


Which command can you enter on an interface so that the interface will notify the sender of a 
packet that the path is sub-optimal? 

A. ip nhrp set-unique-bit 

B. ip nhrp shortcut 

C. ip nhrp cost 65535 

D. ip nhrp redirect 

E. ip nhrp record 

Answer: D 


QUESTION 277 

Refer to the exhibit. Which traffic gets set to AF41 by the making policy on interface 
GigabitEthernetO/O? 



A. Only traffic matching access-list tp-rooms 

B. Only traffic matching access-list streaming 

C. No traffic gets set AF41 

D. Any traffic matching access-list tp-rooms and access-list streaming 

Answer: D 


QUESTION 278 

Which two options are required parts of an EEM policy?(Choose two) 
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A. exit status 

B. event register keyword 

C. entry status 

D. namespace import 

E. body 

Answer: BE 


QUESTION 279 

Which option describes the characteristics of a public Infrastructure as a Service cloud service 

model? 

A. It is a way of delivering cloud-computing infratructure (servers, storage, network, and operating 
systems) as an on-demand service 

B. It is a cloud service where the underlying hardware is managed by the cloud service provider 

C. It is a cloud-computing platform that facilitaes the creation of web applications without the need 
to maintain the supporting software application 

D. It is a cloud-computing platform that facilitaes the creation of web applications without the need 
to maintain the supporting software operating systems 

Answer: A 


QUESTION 280 

Which option is can example of SaaS? 

A. Google Apps 

B. Amazon AWs 

C. Google App Engine 

D. Microsoft Azure 

Answer: A 


QUESTION 281 

Which two statements about static routing are ture?(Choose two) 

A. It is highly scalable as networks grow 

B. It reduces configuration errors 

C. It can be implemented more quickly that dynamic routing 

D. It provides better security than dynamic routing 

E. It requires less bandwidth and fewer CPU cycles than dynamic routing protocols 

Answer: DE 


QUESTION 282 

Which value does VPLS use to make forwarding decisions? 

A. destination IP address of the packet 

B. destination MAC of the Ethernet frame 

C. source IP address of the packet 
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D. source MAC of the Ethernet frame 

Answer: B 

QUESTION 283 

Which three configuration settings must match for switches to be in the same MST 
region?(Choose three) 

A. password 

B. region name 

C. VLAN-to-instance assignment 

D. revision number 

E. VLAN names 

F. domain name 

Answer: BCD 

QUESTION 284 

Refer to the exhibit. If R4 is configured as shown, which EIGRP routes are present in the R1 
routing table? 





R4(conficj)#ip route 0.0.0^0 0.0.0.0 
n /i / i rr'i #router eigrp 1-3 


Ti a {/■• rsTi f i (\ 1 U r oute r e i grp 



R4 (c onf i cj- e i grp ,i # 


H Address 



1 10.1.4.1 

0 10 . 2 . 4.3 


Interface 


Fal/0 

Fal/1 


F 

101 4 


.0,0.0 MullQ 


1.1.1 1/32 




Hold Uptime 


(sec > 

12 DO:04:46 

13 0D:D4:4e 


4 4.4.4/32 


R4 


SRTT RT0 Q Seg 



2.2.2.2/32 


1 
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A. 4.4.4.4/32 and 10.2.4.0/24 only 

B. 4.4.4.4/32 and 10.1.4.0/24 only 

C. 4.4.4.4/32,10.2.4.0/24,and 2.2.2.2/32 

D. 0.0.0.0/0,4.4.4.4/32,and 10.2.4.0/24 

E. 0.0.0.0/0 and 4.4.4.4/32 only 

Answer: A 


QUESTION 285 

Which two statements about IPv6 multicast address are true? (Choose two) 

A. An IPv6 host must join the solicited-node multicast group for every unicast and anycast 
address on the node 

B. IPv6 routers update their routing tables when they receive a redirect message on a segment 

C. Solicited-node multicast addresses are based on the lower-order 24 bits of the unicast or 
anycast address 

D. They perform neighbor unreachability detection only for neighbors that send multicast packets 

E. Neighbors respone to solicitation messages by sending Router Advertisement message 

F. They use UDP packets to perform neighbor unreachability detection 

Answer: AC 


QUESTION 286 

Which type of access list allows granular session filtering for upper-level protocols? 

A. reflexive access lists 

B. context-based access lists 

C. content-based access lists 

D. extended access lists 

Answer: A 


QUESTION 287 

In which scenario can asymmetric routing occur? 

A. redundant routers running VRRP 

B. active/standby firewall setup 

C. active/active firewall setup 

D. single path in and out of the network 

Answer: C 


QUESTION 288 

Refer to the exhibit. What is indicated by the show ip cef command for an address? 
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A. CEF cannot switch packet for this route and drops it 

B. CEF is unable to get routing information for this route 

C. CEF cannot switch packet for this route and passes it to the next best switching method 

D. A valid entry and is punted to hardware-based forwarding 

Answer: C 


QUESTION 289 

Which two statements about Management Plane Protection are true?(Choose two) 

A. It supports the SNMP,ssh.TFTP,and HTTP management protocols 

B. It supports in-band and out-of-band management interfaces 

C. It is enabled by default,but it allows all manangement protocols to pass freely through all 
interfaces until it is configured 

D. It can handle management traffic when IP Cisco Express Forwarding is disabled 

E. It provides granular control over the management protocols that are allowed on an interface 

F. It works only on out-of-band management interfaces 

Answer: AC 


QUESTION 290 

A network engineer enables OSPF on a Frame Relay WAN connection to various remote 
sites,but no OSPF adjacencies come up.Which two actions are possible solutions for this 
issue?(Choose two) 

A. Change the network type to nonbroadcast multipoint access 

B. Configure the neighbor command under OSPF process for each remote site 

C. Ensure that the OSPF process number matches among all remote sites 

D. Enable virtual links 

E. Change the network type to point-to-multipoint under WAN interface 

Answer: BE 


QUESTION 291 
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Which two statements about route redistribution default metrics are true?(Choose two) 

A. When an IGP is redistributed into RIP, it has a default metric of 1 

B. When an IGP is redistributed into OSPF, it has a default metric of 110 

C. When an IGP is redistributed into IS-IS, it has a default metric of 115 

D. When EIGRP is redistributed into OSPF as E2, it has a default metric of 20 

E. When BGP is redistributed into OSPF, it has a default metric of 1 

Answer: DE 


QUESTION 292 

Which two GRE features can you configure to prevent fragmentation?(Choose two) 

A. UDP window sizes 

B. IP MTU 

C. PMTUD 

D. MTU ignore 

E. TCP MSS 

F. DF bit clear 

Answer: CE 


QUESTION 293 

Which three statements about AToM are true?(Choose three) 

A. The PE routers must share the same VC identifier 

B. It requires Layer 3 routing between the PE and CE router 

C. It requires MPLS between the PE routers 

D. IP CEF should be disabled on the PE routers 

E. It supports interworking for Frame Relay,PPP,and Ethernet,but not ATM 

F. The attachment circuit is configured with the xconnect command 

Answer: ACF 


QUESTION 294 

Refer to the exhibit. You are configuring Router 1 and Router 2 for L2TPv3 tunneling. 

Which two additional configurations are required to enable Router 1 and Router 2 to establish the 
tunnel?(Choose two) 


Get Latest & Actual Amazon Exam's Question and Answers from Passleader. 


http://www.passleader.com 


116 














Pass Leader’ 

Leader of IT Certifications 



pseudowire—class RltoR2 


ip local interface LoopbackO 

interface LoopbackO 

ip address 10.1.1.1 255 .255.255.—55 

interface FastEthetnetl/O 

no snmp trap link-status 


A. Loopback 0 on Router 1 must be advertised to Router 2 

B. An IP address must be configured on interface FastEthernetl/O on Router 1 

C. Cisco Disconvery Protocol must be enabled on interface FastEhternetl/O on Router 1 

D. Router 1 must be configured to encapsulate traffic by using L2TPv3 under the pseudowire- 
class R1toR2 

E. Cisco Express Forwarding must be disabled on Router 1 

Answer: AD 


QUESTION 295 

Which IPv4 feature can limit indiscriminate flooding of multicast traffic on a VLAN? 

A. PIM Snooping 

B. IGMP Snooping 

C. MLD Filtering 

D. IGMP Filtering 

Answer: B 


QUESTION 296 

Refer to the exhibit. You have configured R1 to connect to two different ISPs. 

Which Cisco IOS security feature can you configure on R1 to reduce the risk of malicious IP 
spoofing while allowing traffic from Host B to reach Host A through both ISPs? 
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A. uRPF strict mode 

B. IP source guard 

C. uRPF loose mode 

D. port security 

Answer: C 


QUESTION 297 

Which statement about Embedded Packet Capture is true? 

A. A capture point can be associated with muitiple capture buffers 

B. Capture data is stored in the router's NVRAM 

C. Capture data is stored in the router's DRAM 

D. It can capture unicast traffic only 

E. The capture configuration is persistent when the router is restarted 

Answer: C 


QUESTION 298 

Which ISAKMP feature can protect a GDOL from a hacker using a network sniffer while a security 
association is 

A. an ISAKMP Phase 1 security association 

B. an ISAKMP Phase 2 GROUPKEY-PULL exchange 

C. a ISAKMP Phase 2 GROUPKEY-PUSH exchange 

D. an ISAKMP Phase 2 security association 

E. the Proof of Possession(POP) 

Answer: A 


QUESTION 299 

Refer to the exhibit. Which Qos mechanism is in use to prioritize voice traffic? 
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policy-map 

class VOICE 

1 priority percent 20 


class VIDEO 

bandwidth remaining 
class DATABASE 

bandwidth remaining 
class claaa-default 

bandwidth remaining 
fair 





A. priority queuing 

B. fair queuing 

C. CBWFQ 

D. low-latency queuing 

E. custom queuing 

Answer: D 


QUESTION 300 

Refer to the exhibit. Which EIGRP routes will appear in the routing table of R2? 



A. 2001:12::1/64 

B. 2001:112::/64.2001:12::1/128 

C. 2001:112::/64.2001:12::1/64 

D. 2001:12::1/128 

Answer: D 


QUESTION 301 

Refer to the exhibit. What conclusion can you draw from the given ping output? 
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RDUfpinq 
Protocol [ip]: 

Target IP address: 10.82.1.161 
Repeat count [S]: 

Datagram size (LOO]: 

Timeout in seconds (2]: 

Extended commands [ n ] : y 

Source address or interface: 10.111.252.92 

Type of service [O]: 

Set DF bit in IP header? [no): y 
Validate reply data? [no]: 

Data pattern [OxABCD]: 

Loose, Strict, Record, Timestamp, Verbose[none) : 
Sweep range of sizes [n]: y 
size [36]: 1400 

size [18024]: 1500 

interval [1]: 

equence to abort. 

SOS, [1400..1500]-byte ICMP Echos to 10.82.1 
Packet sent with a source address of 10.111.252.92 
at with the DF bit set 

‘ • 

... • i ..... 

. .. 

H M.H H.M.H.H 

- is 95 percent <480/505), 



A. The ping operation sent packets ranging from 505 to 1500 bytes in size 

B. The Verbose option was set in the IP header 

C. The packet life was exceeded in 5 percent of the oper ations 

D. Fragmentation faited duting the ping operation 

Answer: D 


QUESTION 302 

Refer to the exhibit. You notice that when interface F0/0 goes down.the device fails to install the 
floating static route to next hop 192.168.21.2 interface route table. 

Which action can you take to correct the problem? 
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S 

c 

D 




ip rout* 

C 12.0/24 1. 4it*«tl, e 

^•17.0.3/12 is subnet*rd, i 

l72 ‘ 17,2,2 Y1 * , 00:04: 30. MtJtrr^tQ/1 

If 0 a/ 1 - t 0 '^ 001 ** ooj04:», Tma+.tm W o 

li.O.Q/j: It <iubn*tt+d, 1 9 *>r*t a 

l”?.14.2. - [50/40*400] via 112. 144.21.2, 00:04: M>, FaatItlMrn»0/l 
(90/409400] via lte.Ut.IS.2f 00:04:10, faatl tbemetC/0 
172.It.0.0/32 la vulm*tt*4, 1 nkoru 
172.18.2.2 11/0] via 142.lit. 12.2 
192.148.21.0/24 la litnily («nwcu4, 

10.0.0.0/8 ( 90/409400] via 192.Ut.21 
(90/40*400] via l«2.U8.t2 
192. U8.0.0/U (90/107200] via 192. U. „„ 

(90/307200] via 152. l£t. 12.2, 00i04:32. flattltaCMt 


00:02:34, faarf 

, 00:02:34, faarf. 

21.2. 00:04* I*. 


P.l# abov tun 

lp tout* 172.18*2.2 2SS.2S5.243..IS 148* 1—«— 

ip tout* 172.18.2.2 2SS.2SS.2SS 25S 192.148.21.2 100 


A. Configure the primary route with an outgoing interface only 

B. Configure the primary route with a next-hop address and an outgoing interface 

C. Configure a summary route to the next hop router on interface F0/1 

D. Configure a summary route to the next hop router on interface F0/0 

Answer: B 


QUESTION 303 

Which two statements about static routing are true?(Choose twe) 

A. It is highly scalable as networks grow 

B. It requires less bandwidth and fewer CPU cycles than dunamic routing protocols 

C. It reduces configuration errors 

D. It can be implemented more quickly than dumamic routing 

E. It provides better security than dynamic routing 

Answer: BE 


QUESTION 304 

Refer to the exhibit. Which router will be used tou forward traffic to destinations unknown in the 
area? 
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A. R3 

B. R5 

C. R2 

D. R4 

E. R1 

F. R6 

Answer: E 


QUESTION 305 

Which feature must be enabled so that an IS-IS single topology can support IPv6 traffic? 

A. old-style TLVs only 

B. bot new-and old-style TLVS 

C. adjacency checking 

D. new-style TLVS only 

E. extended metrics 

Answer: E 


QUESTION 306 

Which technology allows a device to filter routes into and out of an MPLS VPN? 

A. route distinguishers 

B. route targets 

C. LDP 

D. CEF 

Answer: B 


QUESTION 307 

Which IPv6 migrationg metod allows IPv4-only devices to communicate with IPv6-only dual? 

A. dual stack 

B. GRE tunnel 

C. ISATAP tunnel 
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D. NAT64 
Answer: D 


QUESTION 308 

Refter to the exihibit. When R2 attempted to copy a file from the TFTP server, it received this 
error message. Which action can you take to correct the problem? 



A. Change the access-list configuration on R1 to access-list 1 permit 17216.1.0 0.0.0.255 

B. Configure the ip tftp source-interface Fa0/1 command on R1 

C. Configure the ip tftp source-interface Fa0/1 command on R2 

D. Configure the ip tftp source-interface LoopbackO command on R2 

E. Configure the ip tftp source-interface LoopbackO command on R1 

Answer: D 


QUESTION 309 

Which statement about Cisco Express Forwarding is true? 

A. The FIB table resides on the route processor and the adjacency table resides on the line cards 
when Cisco Express Forwarding is enabled 

B. The FIB table and the adjacency table reside on the line cards when Cisco Express 
Forwarding is enabled 

C. Layer 2 next-hop address information is maintained in the FIB table 

D. Layer 2 next-hop address information is maintained in the adjacency table 

Answer: D 


QUESTION 310 

Which two statement about IGmp fitering are true?(Choose two) 
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A. It supports IGMPv3 traffic only 

B. It allows Anycast RP to operate within a single AS 

C. It can be implemented on Layer-3 routed ports using the ip igmp access-list command 

D. It eliminates the need for a multicast RP 

E. It can be implemented on Layer-2 swirchports using IGMP profiles 
Answer: CE 

QUESTION 311 

For which two purposes can RTCP be used?(Choose two) 

A. Authenticating RTP sessions 

B. Providing encryption for RTP flows 

C. Providing out-of-band statistics and control information for RTP session 

D. Collecting information about VoIP service quality 

E. Providing resource reservation service for VoIP traffic 

Answer: CD 

QUESTION 312 

Refer to the exhibit. R1 has an OSPF path to R2 and R3 for 10.1.0.0/24, but R1 has a routing 
entry for 10.1.0.0/24 from only one router at a time. Which option is the most likely cause? 


Area 


10 10 0/24 
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A. The R1 maximum path is set to 1. 

B. R2 has a higher administrative distance. 

C. R2 is using a filter list. 

D. R2 is using an offset list. 

Answer: A 


QUESTION 313 

Under which two circumstances is ipsec transport mode appropriate?(Choose two) 

A. When both hosts are behind IPsec peers 

B. When IPsec peers are the source and the destination of the traffic 

C. When only one host is behind an IPsec peer 

D. When the hosts are transmitting router management traffic 

E. When only IPheader authentication is needed 

F. When only IPheader encryption is needed 

Answer: BD 


QUESTION 314 

Which two statements about BGP confederation architecture are true?(Choose two) 

A. The ASN of a confederation is excluded from the AS_PATH path length calculation 

B. IBGP sessions inside a sub-AS have a default TTL of 1 

C. The intraconfederation EBGP default TTL value between sub-ASes is 1 

D. The AS_SET and AS_SEQ components help prevent loops inside a sub-AS 

E. The intraconfederation EBGP default TTL value between sub-ASes is 255 

Answer: AC 

QUESTION 315 

Which value does VPLS use to make forwarding decisions? 

A. destination IP address of the packet 

B. destination MAC of the Ethernet frame 

C. source IP address of packet 

D. source MAC of the Ethernet frame 

Answer: B 


QUESTION 316 

Which three configuration settings must match for switches to be in the same MST 
region?(Choose three) 

A. password 

B. region name 

C. VLAN-to-instance assignment 

D. revision number 
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E. VLAN names 

F. domain name 

Answer: BCD 


QUESTION 317 

Which difference between IGMP Snooping and PIM Snooping is true? 

A. IGMP Snooping is a Cisco-proprietary technology, while PIM Snooping is standards-based 

B. IGMP Snooping controls multicast traffic to hosts, while PIM Snooping controls multicast traffic 
to routers 

C. IGMP Snooping replicates multicast traffic to multicast listeners, while PIM Snooping blocks 
multicast traffic from multicast listeners 

D. IGMP Snooping allows traffic destined to 239.0.0.0/24 destination groups only, while PIM 
Snooping filters multicast traffic to all hosts 

Answer: B 


QUESTION 318 

With PBR and set ip next-hop configured on an incoming interface, how does the router forward 
the packet with the next-hop being unreachable? 

A. The packet is forward using the normal routing table 

B. The packet is policy routed 

C. The next hop is added to the route table and the packet is policy routed 

D. The packet is dropped 

Answer: A 


QUESTION 319 

Refer to the exhibit. Which router on the given network generates the IS-IS pseudonode? 
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Rllsh ism datAtotMie 

IS-IS Level-1. Link State Database 



Rl.00-00 

* 0x00000004 

0x3632 

937 

0/0/0 

R2.00-00 

GxQQOOOlkwj I 

0x5015 

935 

0/0/0 

R2.01-00 

0x00000001 

0xE9OF 

0 1901) 

0/0/0 

R3.00-00 

0x00000003 

ox6c re 

935 

0/0/0 

R3.01-00 

0x00000001 

OxElie 

0 (937) 

0/0/0 

R4.00-00 

0x00000002 

0x881)8 

939 

0/0/0 

R4.01-00 

0x00000001 

0X3BF3 

938 

0/0/0 

IS-IS Level-2 

Link State Database: 




LSPID 

LSP Seq Hub 

LSP Checksum 

LSP Holdtime 

ATT/P/OL 

Rl.00-00 

♦ 0x00000004 

0x2B3D 

941 

0/0/0 

R2.00-00 

0x00000004 

0x4520 

939 

0/0/0 

R2.01-00 

0x00000001 

0xE90F 

0 1901) 

0/0/0 

R3.00-00 

0x00000003 

0x6102 

939 

0/0/0 

R3.01-00 

0x00000001 

OxElie 

0 1935) 

0/0/0 

R4.00-00 

0x00000002 

Ox 7DE3 

937 

0/0/0 

R4.01-00 

0x00000001 

OxOFA8 

936 

0/0/0 


A. R4 

B. R3 

C. R1 

D. R2 

Answer: A 


QUESTION 320 

Which two statements about HDLC are true? (Choose two) 

A. It is incompatible with full-duplex links 

B. It resides on the network layer 

C. It can insert and delete bits in the frame to prevent the delimiter flag's bit pattern from 
appearing within data fields 

D. Its frames are non-synchronous 

E. The physical layer clocks and synchronizes communication between links 

Answer: CE 


QUESTION 321 

Refer to the exhibit. You notice that neighboring RIP IPv6 routers cannot reach OSPFv3 routes 
on R1. 

Which reason for the problem is most likely true? 
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A. The redistribute command under the OSPF process is missing 

B. The IPv6 RIP process is missing a redistribution route map 

C. The IPv6 process is missing an IPv6 RIP default metric 

D. The redistribution metric is too large 

Answer: D 


QUESTION 322 

Which two statements about SPAN and RSPAN are true? (Choose two) 

A. Only RSPAN is limited to monitoring VLANs 

B. Only RSPAN can monitor extended VLANs 

C. Only RSPAN sends monitored traffic to a dedicated VLAN 

D. Only SPAN is limited to monitoring switch ports 

E. Only SPAN sends monitored traffic to a local physical port 

Answer: CE 


QUESTION 323 

Refer to the exhibit.lf neighbor 192.168.13.1 goes down,how does R1 handle traffic for the 
192.168.100.0/24 route? 
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A. It removes the route without querying other neighbors 

B. It uses the path through 192.168.12.2 

C. It queries neighbor 192.168.12.2 only for an alternate route 

D. It queries all neighbors for a new route 

Answer: D 


QUESTION 324 

Refer to the exhibit. You have configured R1 to connect to two different ISPs.Which allows 
remote users to access host A through both ISPs. 

Which Cisco IOS security feature can you configure on R1 to drop requests from the attacker to 
host A? 



A. uRPF strict mode 

B. port security 

C. IP source guard 

D. uRPF loose mode 

Answer: D 


QUESTION 325 
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Which are three basic elements of Cisco Performance Monitor?(Choose three) 


A. 

flow record 

B. 

policy 

C. 

SLA 

D. 

border router 

E. 

master controller 

F. 

class 


Answer: ABF 


QUESTION 326 

Refer to the exhibit. To which undesirable condition can router R1 be vulnerable? 


|IUDIMH{|gra]«HB]K]||]Bf]| 


PJLgsli run 


Sil. i 




Muilcling configuration. . . 


HRip ip icmp rate-limit unreachable 

rii-'lvBRI . : 


JVQAO. 




A. Denial of service attacks 

B. Unicast flooding 

C. Man-in-the-middle attacks 

D. Asymmetric routing 

E. IP address spoofing 

Answer: A 
Explanation: 

http://www.cisco.eom/c/en/us/td/docs/ios/12_4t/12_4t2/hticmpun.html 


QUESTION 327 

If you configure EIGRP redistribution on a router without specifying metric values, how does the 
router respond? 

A. It assigns the lowest possible metrics 

B. It uses K values to assign new metrics 

C. It fails to enter redistributed routes into route table 

D. It uses the originating protocol metrics 

Answer: C 


QUESTION 328 

Drag and Drop Question 

Drag and drop each IPv6 tunneling mechanism from the left onto the correct characteristic on the 
right 
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6RD tunnel 


It carries IPvG-only traffic between fixed endpoints. 

6to4 tunnel 

1 

It treats the entire site as a single IPv6 network operated over 
an N8MA Ink. 





GRE tcnrei 


It carries multiple types of tunneled traffic. 





ISATAP txmel 


It carries IPv6 traffic to sites using the 2002::/16 prefix. 





static ipvtxp tunnel 


It carries IPv6 traffic to sites usng a Service Provider’s IPv4- 
derived IPv6 prefix. 


Answer: 



QUESTION 329 

Two routers are connected on a PPP link using CHAP authentication by default which value will 
the routers use as their identification on the link? 

A. Their hostnames 

B. Their IP address on the connected link 

C. Their interface numbers 

D. Their serial numbers 

Answer: A 


QUESTION 330 

Which component of a GETVPN deployment is responsible for obtaining an IPsec SA to encrypt 
data within a group? 

A. Group member 

B. Key Server 

C. GDOI 

D. GRE 

Answer: C 
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QUESTION 331 

Which PIM multicast type is designed to be used for many-to-many applications within individual 
PIM domains? 

A. PIM-DM 

B. Bidir-PIM 

C. PIM-SM 

D. SSM 

Answer: B 


QUESTION 332 

Drag and Drop Question 

Drag and Drop each statement about routing protocols from the left onto the correct routing 
protocol on the right. 


I 224 J 0.10 


togtng uv6s w** 10 


touting xM&Hei Mi* *** » 2J4.0.0.9 




C 


Pvt admn,vtr#f>va <J 05^.- ** 90 




Answer: 
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pm 


ddrruMiUJUvK* dltjoc* h 110 


— 

Jfv-M! i MfvT.'oJ 'II inMte: ♦ t. 10 **ood* 

|iV4iiuuuumiuiiikihiMid »— 




QUESTION 333 

Refer to the exhibit. After you configured DHCP snooping to block a rouge DHCP server from 
assigning IP addresses to devices on your network you notice that all ports on the switch are still 
trusted. Which action can you take to correct the problem? 



Switchlshow ip dhcp snoop 1 **** fl - 
Switch DHCP 

DHCP snoop on following VLANs 

1,100 W 

Inwt^^Qnf option 32 is enabled 
Op tret? 32 on untrusted port is not allowed 
Verification of hwaddr field is enabled 
Interface Trusted Rate limit tpps> 



Fas tE the rne 1 0/1 
Fas tE the r ne 10 /' 2 
FastEtliernet 
Fas tE the 
Fa: 

FasV^h^rnetO /'c 




lmited 
unlimited 
unlimited 
unlimited 
uni 
unln 










0 ® 


A. Disable DHCP snooping on all VLANs 

B. Disable DHCP snooping on VLAN 1 only 

C. Remove the ipdhcp snooping trust command from all interface on the switch except the interface 
that connects to the company DHCP server 

D. Configure the ipdhcp snooping rate limited command to rate-limit the interface that connects to the 
rouge DHCP server 

Answer: D 
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QUESTION 334 

Which tunneling method can transmit IPv6 traffic over an MPLS infrastructure? 

A. 6PE 

B. 6to4 

C. ISATAP 

D. 6RD 

Answer: A 


QUESTION 335 

Which IPv6 solution provides network information to clients without providing an IPv6 host 
address? 

A. autoconfiguration 

B. stateless DHCPv6 

C. stateful DHCPv6 

D. prefix delegation 

Answer: A 


QUESTION 336 

Which two statements about PPP CHAP authentication are true? (Choose two) 

A. It is a one-way authentication method 

B. It uses a secret password, which is sent across the link for authentication 

C. It supports clear-text passwords 

D. It is configurable only on PPP callout links 

E. It uses a configured username and password to authenticate a host 

Answer: AE 


QUESTION 337 

Refer to the exhibit. After you applied this configuration to R1 and R2, they failed to form an IS-IS 
adjacency. Which reason for the problem is most likely true? 
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A. The network statements are mismatched 

B. The IP subnets are mismatched 

C. The bandwidth is mismatched 

D. The MTUs are mismatched 

Answer: D 


QUESTION 338 

After you configure split horizon on an EIGRP hub-and-spoke network. You notice that some 
routes are missing on the spoke routers. Which two actions can you take to correct the problem? 
(Choose two) 

A. Increase the Hello and Hold timers on the connections between the routers 

B. Configure unicast neighbor statements on both the hub and the spokes 

C. Disable split horizon on the spoke router interfaces only 

D. Disable split horizon on the hub router interface only 

E. Configure the summary address command on the hub router 

F. Define a separate subinterface on the hub router for each spoke 

Answer: DF 


Get Latest & Actual Amazon Exam's Question and Answers from Passleader. 


http://www.passleader.com 


135 




















































Pass Leader’ 

Leader of IT Certifications 


QUESTION 339 

Which technology must be enabled on an interface before L2TPv3 can operate correctly? 

A. OSPF 

B. MPLS 

C. CEF 

D. STP 

Answer: C 


QUESTION 340 

Refer to the exhibit. Which two possible reasons why the administrator is unable to log into the 
switch remotely are true? (Choose two) 


RIK show i 
U> 4o«n»tri 



if 

estf+fXi 


U 


rpb4P.FnCqY' 


i 


1 me con 0* _ [ 

r\ / 7 ? . TV v w ~ 

Cfctc-'Uitout Q O 

ptivil^qc livei II 
iogyUg syntmrtnoqs 
line aux 0 
line vty 0 2 

logging synchronous 
login local 

transpose input telnet iah 
line vty 3 -i - ; 

logging synchronous : 
login • 


»/ 

mil 




)\[CW*'* 




; 


u -tri.-ij ‘Ci T. 


s$h 


tnuzHfL 


Pi#ahow line 
Tiy Typ T y./Px 

• 0 CTY 

1 AUX 9t00/$*00 

• : m 

• 3 m 

• 4 \TY 

5 VTT 

£ m 


iiUtfrT 

I Id l 


Mode® J*.oty AecD Accl Itees Noise Jv-trima Int 





0/0 

0/0 

0/0 

0/0 

0/0 

0/0 

0/0 


PCHash 1 ^a.lD.l i 

\ Connection uetg»^4 by tenote host 


iJ 


t 10.10.1.1 

. 1.1 ... 

ftuseU by tenote host 


A. An ACL is configured to reject connections from PCI 
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B. The user is using the incorrect username 

C. SSH is disabled 

D. The Telnet VTY lines are busy 

E. The Baud rate is misconfigured 

Answer: CD 


QUESTION 341 

Refer to the exhibit. Routers A and B are the edge devices at two different sites such as shown. 
The two edge devices use public addresses on their WAN interfaces and the both sites use RFC 
1918 for all other addresses. If routers A and B have established an IPsec tunnel, which 
statement about the network environment must be true? 



A. Router A1 and router B1 are using NAT translation to allow private-address traffic to traverse the 
tunnel 

B. Router A and router B are using BGP to share routes between the two sites 

C. The tunnel terminates on the ISP routes 

D. Each site is capable of routing private addressing over the IPsec tunnel 

Answer: D 


QUESTION 342 

Which STP feature can protect the network environment from loops in case of software failure? 

A. Root Guard 

B. BPDU Guard 

C. Bridge Assurance 

D. PortFast 

Answer: C 
Explanation: 

http://www.cisco.eom/c/en/us/td/docs/switches/lan/catalyst6500/ios/12- 
2SY/configuration/guide/sy_swcg/spanning_tree_features.html#79584 

You can use Bridge Assurance to protect against certain problems that can cause bridging loops 
in the network. Specifically, you use Bridge Assurance to protect against a unidirectional link 
failure or other software failure and a device that continues to forward data traffic when it is no 
longer running the spanning tree algorithm. 


QUESTION 343 

Refer to the exhibit. Routers A and B are the edge devices at two different sites as shown. 

If routers A and B have established an IPsec tunnel, which two statements about the network 
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environment must be true? (Choose two) 



A. The connection could have been authenticated with 802.lx 

B. The connection could have authenticated with a pre-shared key 

C. RFC 1918 addresses are in use on the WAN interfaces on router A and router B 

D. The connection could have been authenticated with MD5 

E. Public IP addresses are in use on the WAN interfaces on router A and router B 

Answer: BE 


QUESTION 344 

Refer to the exhibit, multiple hosts on the 10.2.2.0/24 network are sending traffic to the web 
server, Which configuration can you apply to R2 so that traffic from host 1 uses the path R2-R1- 
R3 to reach the web server, without affecting other hosts? 



A. access-list 1 permit 10.2.2.0 0.0.0.255 

B. interface FastEthernet2/0 ip policy route-map POLICY-ROUTE 

C. access-list 1 permit 10.2.2.3 255.255.255.255 

D. access-list 1 permit 10.2.2.3 0.0.0.0 

E. access-list 1 permit 10.2.2.4 0.0.0.0 
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F. ip local policy route-map POLICY-ROUTE 

Answer: D 


QUESTION 345 

A floating static route pointing to an interface appears in the routing table even when the interface 
is down. Which action can you take to correct the problem? 

A. Correct the DHCP-provided route on the DHCP server 

B. Remove the permanent option form the static route 

C. Correct the administrative distance 

D. Configure the floating static route to point to another route in the routing table 

Answer: B 


QUESTION 346 

When multiple AAA authentication methods are specified in a method list and all working 

normally, how is the user authenticated? 

A. The user is authenticated against all provided authentication sources and granted the most 
restricted set of access privileges 

B. The user is authenticated against the first listed authentication source only 

C. The user is authenticated against the provided authentication sources in order until a match is 
found 

D. The user is authenticated against all provided authentication sources and granted the least 
restricted set of access privileges 

Answer: B 


QUESTION 347 

Which feature must be enabled prior to enabling the IGMP Snooping Querier? 

A. PIM-SM 

B. SSM 

C. IP helper 

D. IGMP Snooping 

Answer: D 


QUESTION 348 

Which protocol enables routers in an MPLS environment to use labels to move traffic? 


A. 

FTP 

B. 

POP 

C. 

LLDP 

D. 

PPP 

E. 

L2TP 

F. 

LDP 
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Answer: F 


QUESTION 349 

Which PIM feature allows the same multicast group address to be reused in different 
administrative domains? 

A. Proxy Registering 

B. IP Multicast Helper 

C. IP Multicast Boundary 

D. CGMP 

Answer: C 
Explanation: 

http://www.cisco.eom/c/en/us/td/docs/ios-xml/ios/ipmulti_pim/configuration/12-4t/imc-pim-12-4t- 
book7imc_basic_cfg.html 


QUESTION 350 

Which two IP packet types always traverse to the route processor CPU? (Choose two) 

A. Data-plane packets 

B. Forwarding-plane packets 

C. Control-plane packets 

D. Services-plane packets 

E. Management-plane packets 

Answer: CE 


QUESTION 351 

Which route types are redistributed from OSPF into BGP by default? 

A. All route types 

B. External routes only 

C. Inter-area routes only 

D. Intra-area routes only 

E. Intra-area routes and inter-area routes 

Answer: E 


QUESTION 352 

Which feature forces a new Diffie-Hellman key exchange each time data is transmitted over a 
IPsec tunnel? 

A. PFS 

B. rsa-encr authentication 

C. rsa-sig authentication 

D. 802.1 x 

E. CRACK authentication 

Answer: A 
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QUESTION 353 

Refer to the exhibit. Which device role could have generated this debug output? 


NHRP: Send Registration Request via Tunnell vrf 0, packet size: 108 
src: 172.30.10.66, dst: 172.30.10.1 
(F) afn: AF_IP(1), type: IP(800), hop: 255, ver: 1 
shtl: 4(NSAP), 33tl: 0 (NSAP) 
pktsz: 108 extcff: 52 
(M) flags: "unique nat ”, reqid: 113922 
src HBKA: 10.100.100.193 

src protocol: 172.30.10.66, dst protocol: 172.30.10.1 
(C—1) code: no error(0) 

prefix: 32, mtu: 17912, hd_time: 600 

addr_len: Q(NSAP), subaddr_len: 0{NSAP), proto_len: 0, pref: 0 
NHRP: Receive Registration Reply via 

addr_len: 0(NSAP), subaddr_len: 0<NSAP), proto_len: 0, pref: 0 


A. an NHS only 

B. an NHC only 

C. an NHS or an NHC 

D. a DMVPN hub router 

Answer: B 


QUESTION 354 

Which statement about the NHRP network ID is true? 

A. It is sent from the spoke to the hub to identify the spoke as a member of the same NHRP domain. 

B. It is sent from the hub to the spoke to identify the hub as a member of the same NHRP domain. 

C. It is sent between spokes to identify the spokes as members of the same NHRP domain. 

D. It is a locally significant ID used to define the NHRP domain for an interface. 

Answer: D 


QUESTION 355 

You are configuring a DMVPN spoke to use IPsec over a physical interface that is located within 
a VRF. For which three configuration sections must you specify the VRF name? (Choose three.) 

A. the ISAKMP profile 

B. the crypto keyring 

C. the IPsec profile 

D. the IPsec transform set 

E. the tunnel interface 

F. the physical interface 

Answer: BEF 
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QUESTION 356 

Which IPv6 prefix is used for 6to4 tunnel addresses? 

A. 2001../23 

B. 2002. ./16 

C. 3ffe. . /16 

D. 5f00. . 18 

E. 2001. . /32 

Answer: B 


QUESTION 357 

When you configure the ip pmtu command under an L2TPv3 pseudowire class, which two things 
can happen when a packet exceeds the L2TP path MTU? (Choose two.) 

A. The router drops the packet. 

B. The router always fragments the packet after L2TP/IP encapsulation. 

C. The router drops the packet and sends an ICMP unreachable message back to the sender only if 
the DF bit is set to 1. 

D. The router always fragments the packet before L2TP/IP encapsulation. 

E. The router fragments the packet after L2TP/IP encapsulation only if the DF bit is set to 0. 

F. The router fragments the packet before L2TP/IP encapsulation only if the DF bit is set to 0. 

Answer: CF 


QUESTION 358 

Which two parameters does the Tunnel Mode Auto Selection feature select automatically? 
(Choose two.) 

A. the tunneling protocol 

B. the transport protocol 

C. the ISAKMP profile 

D. the transform-set 

E. the tunnel peer 

Answer: AB 


QUESTION 359 

By default, how does a GET VPN group member router handle traffic when it is unable to register 
to a key server? 

A. All traffic is queued until registration is successful or the queue is full. 

B. All traffic is forwarded through the router unencrypted. 

C. All traffic is forwarded through the router encrypted. 

D. All traffic through the router is dropped. 

Answer: B 


QUESTION 360 
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Which two protocols are not protected in an edge router by using control plane policing? (Choose 
two.) 

A. SMTP 

B. RPC 

C. SSH 

D. Telnet 

Answer: AB 


QUESTION 361 

Which two statements are true about AAA? (Choose two.) 

A. AAA can use RADIUS, TACACS+, or Windows AD to authenticate users. 

B. If RADIUS is the only method configured in AAA, and the server becomes unreachable, the user 
will be able to log in to the router using a local username and password. 

C. If the local keyword is not included and the AAA server does not respond, then authorization will 
never be possible and the connection will fail. 

D. AAA can be used to authenticate the enable password with a AAA server. 

Answer: CD 


QUESTION 362 

Which three types of traffic are allowed by IEEE 802. IX access control prior to getting 
authenticated? (Choose three.) 

A. EAPOL 

B. VTP 

C. STP 

D. ARP 

E. CDP 

F. HTTP 

Answer: ACE 


QUESTION 363 

Which two statements about MAC ACLs are true? (Choose two.) 

A. They support only inbound filtering. 

B. They support both inbound and outbound filtering. 

C. They are configured with the command mac access-list standard. 

D. They can filter non-IP traffic on a VLAN and on a physical interface. 

Answer: AD 


QUESTION 364 

Refer to the exhibit. What happens to packets when traffic in the icmp-class class exceeds the 
policed amount? 
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RouterOsh policy-nap control-plane 
Control Plane 

Service-policy output: control-plane-out 

Class-zap: icmp-class (match-all) 

197314955 packets, 11510114428 bytes 
5 minute offered rate 1000 bps, drop rate 0000 bps 
Hatch: access-group name killicmpv2 
police: 

cir 1000000 bps, be 31250 bytes 
conformed 197138885 packets, 11499818077 bytes; actions: 
transmit 

exceeded 176100 packets, 10296351 bytes; actions: 
drop 

conformed 1000 bps, exceed 0000 bps 

Class-zap: class-default (match-any) 

1126224901 packets, 158790413979 bytes 
5 minute offered rate 41000 bps, drop rate 0000 bps 
Match: any 


A. Packets are discarded and a message is logged. 

B. Packets are discarded and a trap is sent to any servers that are configured to receive traps. 

C. Packets are discarded silently. 

D. Packets are discarded and an inform is sent to any servers that are configured to receive informs. 

Answer: C 

QUESTION 365 

Which statement describes Cisco PfR link groups? 

A. Link groups enable Cisco PfR Fast Reroute when NetFlow is enabled on the external interfaces of 
the border routers. 

B. Link groups define a strict or loose hop-by-hop path preference. 

C. Link groups are required only when Cisco PfR is configured to load-balance all traffic. 

D. Link groups are enabled automatically when Cisco PfR is in Fast Reroute mode. 

E. Link groups set a preference for primary and fallback (backup) external exit interfaces. 

Answer: E 


QUESTION 366 

Which two statements about NetFlow are true? (Choose two.) 

A. It must be configured on each router in a network. 

B. It supports ATM LAN emulation. 

C. The existing network is unaware that NetFlow is running. 

D. It uses SIP to establish sessions between neighbors. 

E. It provides resource utilization accounting. 
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Answer: CE 


QUESTION 367 

You are installing a new device to replace a device that failed. The configuration of the failed 
device is stored on a networked server, and the new device has an RXBOOT image installed. 
Under which condition does the streamlined Setup mode fail? 

A. The last four bits of the configuration register are not equal to the decimal value 0 or 1. 

B. The startup configuration file was deleted. 

C. Bit 6 is set in the configuration register. 

D. The startup configuration is corrupt. 

Answer: A 


QUESTION 368 

Which option is the Cisco recommended method to secure access to the console port? 

A. Configure the activation-character command. 

B. Configure a very short timeout (less than 100 milliseconds) for the port. 

C. Set the privilege level to a value less than 15. 

D. Configure an ACL. 

Answer: A 


QUESTION 369 

Refer to the exhibit. If the network switch is configured as shown, which two statements about 
network traffic are true? (Choose two.) 
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class-map match-any voice 
match dscp ef 
class-map match-any router 
match dscp cs6 
class-map match-any gold 
match dscp af41 
class-map match-any silver 
match dscp af31 

policy-map egress_queue 
class voice 
priority percent 25 
cla 33 gold 

bandwidth percent 40 
cla33 silver 
bandwidth percent 15 
class router 
bandwidth percent 5 
class cla3S-default 
bandwidth percent remaining 

policy-map egress_queue_2 
class class-default 
shape average 6000000 
service-policy egress_queue 

interface GigabitEthernetO/1 
3ervice-policy output egre33_queue_2 


A. Traffic enters the shaper on a FIFO basis. 

B. Traffic enters the shaper on a weighted fair queueing basis. 

C. Drop behavior is random for traffic in excess of 6 Mbps. 

D. Voice traffic is given priority until it reaches 1.5 Mbps. 

E. Voice traffic is given priority until it reaches 6 Mbps. 

Answer: AD 


QUESTION 370 

Refer to the exhibit. You are configuring the SI switch for the switchport connecting to the client 
computer. Which option describes the effect of the command mis qos map cos-dscp 0 8 16 24 32 
40 46 56? 
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A. Voice traffic is excluded from the default priority queue. 

B. Voice packets are given a class selector of 5. 

C. Video conferencing is marked CS3. 

D. Voice packets are processed in the priority queue. 

Answer: A 


QUESTION 371 

Which two options are two characteristics of the HSRPv6 protocol? (Choose two.) 

A. It uses virtual MAC addresses 0005.73a0.0000 through 0005.73a0.0fff. 

B. It uses UDP port number 2029. 

C. It uses virtual MAC addresses 0005.73a0.0000 through 0005.73a0.ffff. 

D. It uses UDP port number 2920. 

E. If a link local IPv6 address is used, it must have a prefix. 

Answer: AB 


QUESTION 372 

Which statement about VRRP is true? 

A. It supports load balancing. 

B. It can be configured with HSRP on a switch or switch stack. 

C. It supports IPv4 and IPv6. 

D. It supports encrypted authentication. 

Answer: B 


QUESTION 373 

Refer to the exhibit. What is the polling frequency set by this configuration? 
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ip ala monitor 10 

type echo protocol ipIcmpEcho 10.1.1.1 aource-ipaddr 10.1.1.2 
frequency 60 

ip ala monitor achedule 10 life 360 


A. 60 seconds 

B. 10 seconds 

C. 360 seconds 

D. 60 milliseconds 

E. 10 milliseconds 

Answer: A 


QUESTION 374 

Refer to the exhibit. Which additional information must you specify in this configuration to capture 
NetFlow traffic? 


configure terminal 

interface Ethernet 0/0 
ip addrea3 10.1.1.2 255.255.255.0 
ip flow-export deatination 10.1.1.1 


A. ingress or egress traffic 

B. the number of cache entries 

C. the flow cache active timeout 

D. the flow cache inactive timeout 

Answer: A 


QUESTION 375 

For which three routing protocols can Cisco PfR provide direct route control? (Choose three.) 

A. OSPF 

B. ISIS 

C. BGP 

D. EIGRP 

E. static routing 

F. ODR 

Answer: CDE 


QUESTION 376 

Refer to the exhibit. When would the EEM applet be triggered? 
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event manager applet MONITOR 

event interface name FastEthernetO/O parameter receive_rate_pps entry-op ge entry-val 
10000 entry-type value exit-op le exit-val 1000 exit-type value poll-interval 5 


A. every time that the input packet per second counter is below 10,000 

B. every time that the input packet per second counter has increased by 1,000 

C. every time that the input packet per second counter is above 10,000 

D. every time that the input packet per second counter has decreased by 1,000 

Answer: C 


QUESTION 377 

Refer to the exhibit. Based on the above commands, when will the output of the show log 
command be saved? 


process cpu threshold type total rising 80 interval 5 falling 50 interval 5 
event manager applet CCIE 

event syslog pattern "SYS-l-CPUFALLINGTHRESHOLD" 
action 1.1 cli command "enable” 

action 1.2 cli command "show log | a flash:LOG" 


A. Each time the total CPU utilization goes below 50 percent 

B. Each time the total CPU utilization goes above 80 percent 

C. Every 5 minutes while the total CPU utilization is above 80 percent 

D. Every 5 seconds while the total CPU utilization is above 80 percent 

E. Every 5 minutes while the total CPU utilization is below 50 percent 

F. Every 5 seconds while the total CPU utilization is below 50 percent 

Answer: A 
Explanation: 

he cpu threshold generates syslog messages when it goes above 80 % and when it comes back 
down below 50% after being above 80%. 

It checks cpu utilization every 5 seconds. 

When the cpu has been above 80%, and has come back below 50%, the syslog message SYS-1- 

CPUFALLINGTHRESHOLD is generated 

-thats when the "show log” command is triggered 

The closest answer is "Each time the total CPU goes below 50 percent" 


QUESTION 378 

Refer to the exhibit. Which of the following options will trigger the applet? 


event manager applet SCRIPT 



event none 

d(S© 



A. an external Cisco IOS event 

B. a manually run policy event 

C. a preconfigured timer 

D. an automated RPC call 
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Answer: B 
Explanation: 

There are two ways to manually run an EEM policy. EEM usually schedules and runs policies on 
the basis of an event specification that is contained within the policy itself. The event none 
command allows EEM to identify an EEM policy that can either be run manually or be run when 
an EEM applet is triggered. To run the policy, use either the action policy command in applet 
configuration mode or the event manager run command in global configuration mode. 


QUESTION 379 

In GLBP, which router will answer on client ARP requests? 

A. all active AVF routers as the first response is used by the client 

B. the AVG router, replying with a different AVF MAC address each time 

C. a random AVF router, based on a GLBP seed hash key 

D. only the AVG router that received the ARP request first 

Answer: B 
Explanation: 

LBP Active Virtual Gateway 

Members of a GLBP group elect one gateway to be the active virtual gateway (AVG) for that 
group. Other group members provide backup for the AVG in the event that the AVG becomes 
unavailable. The AVG assigns a virtual MAC address to each member of the GLBP group. Each 
gateway assumes responsibility for forwarding packets sent to the virtual MAC address assigned 
to it by the AVG. These gateways are known as active virtual forwarders (AVFs) for their virtual 
MAC address. The AVG is responsible for answering Address Resolution Protocol (ARP) 
requests for the virtual IP address. 

Load sharing is achieved by the AVG replying to the ARP requests with different virtual MAC 
addresses. 

http://www.cisco.eom/en/US/docs/ios/12_2t/12_2t15/feature/guide/ft_glbp.html#wp1039649 


QUESTION 380 

Refer to the exhibit. What is true about traffic from the INSIDE zone to the OUTSIDE zone? 
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class-map type inspect match-all CMAP_ICMP 
match protocol icmp 

i 

policy-map type inspect PMAPAB 
class type inspect CMAPICMP 
inspect 

class class-default 
drop 

i 

zone security INSIDE 

zone security OUTSIDE 

zone-pair security A_B source INSIDE destination OUTSIDE 
service-policy type inspect PMAP__A_B 

f 

interface FastEthernetO/O 
ip address 10.48.67.125 255.255.254.0 
zone-member security OUTSIDE 
duplex auto 
speed auto 
! 

? 

interface FastEthernetO/1 
ip address 192.168.101.1 255.255.255.0 
zone-member security INSIDE 
duplex auto 
speed auto 

i 

l 


A. All icmp echo requests will be inspected. 

B. All IP traffic will be dropped. 

C. All icmp echo requests will be passed, but the icmp echo reply to the echo request from the 
OUTSIDE zone will be dropped. /..I 

D. All IP traffic will be inspected. 

Answer: A 
Explanation: 

When the traffic moves from inside to outside zone, ICMP echo requests will be inspected 
because the inspection is set using policy-map-type command is used. 


QUESTION 381 

What is also called Type 0 authentication in OSPF on Cisco Routers? 

A. MD5 

B. There is no Type 0 authentication 

C. SHA1 

D. Null 

Answer: D 
Explanation: 

These are the three different types of authentication supported by OSPF. Null Authentication- 
This is also called Type 0 and it means no authentication information is included in the packet 
header. It is the default. 

Plain Text Authentication--This is also called Type 1 and it uses simple clear-text passwords. 
MD5 Authentication-This is also called Type 2 and it uses MD5 cryptographic passwords. 
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QUESTION 382 

Refer to the exhibit. Which two statements are correct, when the QoS configuration is applied in 
an outbound direction on a 10-Mb/s interface? (Choose two.) 


Class-map VIDEO 
Match ip precedence 5 
Class-map FTP 
Match ip precedence 1 

policy-map TEST 
class VIDEO 
priority 200 
class FTP 
bandwidth 1000 
class class-default 
random-defect 


A. When reaching 10 Mb/s of input rate, the video class will be policed to 200 kb/s. 

B. The class FTP is allowed to reach more than 1 Mb/s in the event of congestion. 

C. IP precedence 1 traffic is affected by a drop probability. 

D. Video traffic above 200 kb/s is allowed to pass when the total interface output rate does not 
reach 10 Mb/s. 

E. Video traffic above 200 kb/s is allowed to pass when congestion is present. 

Answer: BD 
Explanation: 

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/intrface.html 


QUESTION 383 

Refer to the exhibit. A user with IP address 10.10.10.200 fails to use Telnet to a switch with IP 
address 10.10.20.2. 

What is most likely the issue? 
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10 . 10 . 10 . 1/24 ^ 


10 . 10.10 200/24 



0 . 20.2 



line con 0 
line vty 0 4 
no login 

privilege level 15 


end 


A. The switch is not configured with a default gateway. 

B. The HTTP server is not enabled on the switch. 

C. STP is blocking the connection from switch to router. 

D. IP routing is enabled on the switch, but no route pointing back to the client is configured. 

E. The switch is configured with an IP address from the wrong subnet. 

Answer: D 
Explanation: 

As you can see in the exhibit that IP routing is enabled on the switch but no route is pointing back 
to the client. The ip address of interface vlan 1 is given but after that nothing! 


QUESTION 384 

Refer to the exhibit. Router RTB is performing one-way redistribution from RIP to OSPF. Which 
outgoing interface will router RTD choose for packets to the 192.168.0.0/24 network, and why? 
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router ospf 1 
redistribute rip 


A. FaO/1, because OSPF is a link-state routing protocol 

B. FaO/O, because RIP is a distance vector protocol 

C. FaO/O, because RIP has a higher administrative distance 

D. FaO/O, because OSPF has a lower administrative distance 

E. FaO/1, because OSPF has a lower administrative distance 

F. FaO/1, because RIP has a lower administrative distance 

Answer: E 


QUESTION 385 

Refer to the exhibit. What is the potential issue with this configuration? 



6.6.6.0/30 


OSPF 


OSPF AREA 1 

7.7.7.0/30 


L2P-A 

router 

network 

ospf 1 

1.1.1.1 

0.0.0.0 

area 

0 

network 

2.2.2.1 

0.0.0.0 

area 

0 

network 

4.4.4.1 

0.0.0.0 

area 

1 

network 

5.5.5.1 

0.0.0.0 

area 

1 


A. There is no potential issue; OSPF will work fine in any condition. 

B. Sub-optimal routing may occur since there is no area 1 adjacency between the ABRs. 
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C. This is a wrong OSPF configuration because all routers must be in area 0 only. 

D. This is a wrong OSPF configuration because /30 requires 0.0.0.3 wild card. 

Answer: B 
Explanation: 

The primary difference is that the GRE tunnel hides the real recipients under the outer IP header. 
The "transit" area, in that case, does not need to actually know all the prefixes. What it needs, 
though, is a default route that points towards the backbone. Suboptimal routing may occur, then, 
because the traffic from the "transit" area must first reach the backbone in order to get GRE- 
encapsulated and carried again through the "transit" area to the disconnected area. 


QUESTION 386 

Refer to the exhibit. What triggered the first SPF recalculation? 


Cl#show ip ospf statistics 








OSPF Router with 

ID (11.100. 

in) 

(Process 

ID 100) 



Area 0: 

SPF algorithm executed 2 times 





Summary 

OSPF SPF statistic 







SPF calculation time 







Delta T 

Intra D-Intra Summ 

D-Summ 

Ext 

D-Ext 

Total 

Reason 

00:05:12 

0 rO 0 


0 

0 

0 

R, 

SN f X 

00:05:02 

0 

0 

0 

0 

0 

R, 

SN f X 

00:02:57 

0 0 0 

0 

0 

0 

0 

X 



A. changes in a router LSA, subnet LSA, and external LSA 

B. changes in a router LSA, summary network LSA, and external LSA 

C. changes in a router LSA, summary network LSA, and summary ASBR LSA 

D. changes in a router LSA, summary ASBR LSA, and external LSA 

Answer: B 
Explanation: 

OSPFv2 is built around links, and any IP prefix change in an area will trigger a full SPF. It 
advertises IP information in Router and Network LSAs. The routers thus, advertise both the IP 
prefix information (or the connected subnet information) and topology information in the same 
LSAs. This implies that if an IP address attached to an interface changes, OSPF routers would 
have to originate a Router LSA or a Network LSA, which btw also carries the topology 
information. This would trigger a full SPF on all routers in that area, since the same LSAs are 
flooded to convey topological change information. This can be an issue with an access router or 
the one sitting at the edge, since many stub links can change regularly. 

Only changes in interarea, external and NSSA routes result in partial SPF calculation (since type 
3, 4, 5 and 7 LSAs only advertise IP prefix information) and thus IS-IS's PRC is more pervasive 
than OSPF's partial SPF. 

This difference allows IS-IS to be more tolerant of larger single area domains whereas OSPF 
forces hierarchical designs for relatively smaller networks. However with the route leaking from L2 
to LI incorporated into IS-IS the apparent motivation for keeping large single area domains too 
goes away. SPF is calculated in three phases. The first is the calculation of intra-area routes by 
building the shortest path tree for each attached area. The second phase calculates the inter-area 
routes by examining the summary LSAs and the last one examines the AS-External-LSAs to 
calculate the routes to the external destinations. 


QUESTION 387 

Which two orders in the BGP Best Path Selection process are correct? (Choose two.) 
A. Higher local preference, then lowest MED, then eBGP over iBGP paths 
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B. Higher local preference, then highest weight, then lowest router ID 

C. Highest weight, then higher local preference, then shortest AS path 

D. Lowest origin type, then higher local preference, then lowest router ID 

E. Highest weight, then higher local preference, then highest MED 

Answer: AC 
Explanation: 

Weight is the first attribute BGP uses in the route selection process. Route with a higher weight is 
preferred when multiple routes exist to the same destination. 


QUESTION 388 

Refer to the exhibit. Which action must you take to enable full reachability from router C to router 
D? 


Router A 



EIGRP 


Router B 



OSPF 
Area 0 


OSPF 
Area 0 



Router C Router D 


A. Build an OSPF virtual link. 

B. Build an OSPF sham link. 

C. Configure mutual redistribution between OSPF and EIGRP on routers A and B. 

D. Add a static route on router D. 

Answer: C 


QUESTION 389 

Which two Cisco Express Forwarding tables are located in the data plane? (Choose two.) 

A. the forwarding information base 

B. the label forwarding information base 

C. the IP routing table 

D. the label information table 

E. the adjacency table 

Answer: AE 
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Explanation: 

http://www.cisco.eom/c/en/us/td/docs/ios/12_2/switch/configuration/guide/fswtch_c/xcfcef.html 


QUESTION 390 

Which option is the most effective action to avoid packet loss due to microbursts? 

A. Implement larger buffers. 

B. Install a faster CPU. 

C. Install a faster network interface. 

D. Configure a larger tx-ring size. 

Answer: A 


QUESTION 391 

Which two statements about packet fragmentation on an IPv6 network are true? (Choose two.) 

A. The fragment header is 64 bits long. 

B. The identification field is 32 bits long. 

C. The fragment header is 32 bits long. 

D. The identification field is 64 bits long. 

E. The MTU must be a minimum of 1280 bytes. 

F. The fragment header is 48 bits long. 

Answer: AB 


QUESTION 392 

You are backing up a server with a 1 Gbps link and a latency of 2 ms. Which two statements 
about the backup are true? (Choose two.) 

A. The bandwidth delay product is 2 Mb. 

B. The default TCP send window size is the limiting factor. 

C. The default TCP receive window size is the limiting factor. 

D. The bandwidth delay product is 500 Mb. 

E. The bandwidth delay product is 50 Mb. 

Answer: AC 


QUESTION 393 

Which two pieces of information does RTCP use to inform endpoint devices about the RTP flow? 
(Choose two.) 

A. the transmitted octet 

B. the lost packet count 

C. session control function provisioning information 

D. the CNAME for session participants 

E. the authentication method 

F. MTU size changes in the path of the flow 

Answer: AB 
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QUESTION 394 

Which two options are required parts of an EEM policy? (Choose two.) 

A. event register keyword 

B. body 

C. environment must defines 

D. namespace import 

E. entry status 

F. exit status 

Answer: AB 


QUESTION 395 

Which two actions can you take to allow the greatest number of pertinent packets to be stored in 
the temporary buffer of Cisco IOS Embedded Packet Capture? (Choose two.) 

A. Specify the sampling interval. 

B. Specify the capture buffer type. 

C. Specify a reflexive ACL. 

D. Specify the minimum packet capture rate. 

E. Specify the packet size. 

F. Store the capture simultaneously onto an external memory card as the capture occurs. 

Answer: AB 


QUESTION 396 

Which technology can be used to secure the core of an STP domain? 

A. UplinkFast 

B. BPDU guard 

C. BPDU filter 

D. root guard 

Answer: D 


QUESTION 397 

What is the destination multicast MAC address for BPDUs on the native VLAN, for a switch that is 
running 802.1 D? 

A. 0185. C400. 0000 

B. 0100.0CCC.CCCC 

C. 0100.0CCC.CCCD 

D. 0180. C200. 0000 

Answer: D 


QUESTION 398 
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Refer to the exhibit. All switches have default bridge priorities, and originate BPDUs with MAC 
addresses as indicated. The numbers shown are STP link metrics. 


Prionty: 32768 
MAC Address: 


f4ac c1c4 2b80 


Priority 32768 
MAC Address 
f4ac.dc4.2b83 


Priority 32768 
MAC Address 
(4ac c1c4 2b84 




(4ac c1c4 2b86 


Priority: 32768 
MAC Address 
f4ac.c1c4 2b82 


Priority 32768 
MAC Address 
f4acc1c4 2b85 


After STP converges, you discover that traffic from switch SWG toward switch SWD takes a less 
optimal path. What can you do to optimize the STP tree in this switched network? 

A. Change the priority of switch SWA to a lower value than the default value. 

B. Change the priority of switch SWB to a higher value than the default value. 

C. Change the priority of switch SWG to a higher value than the default value. 

D. Change the priority of switch SWD to a lower value than the default value. 

Answer: D 


QUESTION 399 

Which three statements are true about VSS? (Choose three.) 

A. VSS separates the control planes of the active and the standby chassis. 

B. Configuration changes can be made on both active and standby chassis. 
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C. When the VSS active chassis recovers after a failure, it initiates a switchover and takes on the 
active role again. 

D. VSS unifies the control planes of the active and the standby chassis. 

E. HSRP configuration is not required to run VSS. 

F. The VSS standby chassis monitors the VSS active chassis using the VSL. 

Answer: DEF 


QUESTION 400 

Which flag in a configuration BPDU instructs all switches to shorten their bridge table aging 
process from the default 300 seconds to the current forward delay value? 

A. topology change bit 

B. topology change acknowledgment bit 

C. priority bit 

D. max-age bit 

Answer: A 


QUESTION 401 

Refer to the exhibit. Which technology can be used on the switch to enable host A to receive 
multicast packets for 239.2.2.2 but prevent host B from receiving them? 



A. IGMP filtering 

B. MLD snooping 

C. IGMP snooping 

D. MLD filtering 

Answer: C 
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QUESTION 402 

Which option describes the purpose of the PPP endpoint discriminator? 

A. It identifies the maximum payload packet. 

B. It notifies the peer that it prefers 12-bit sequence numbers. 

C. It identifies the system attached to the link. 

D. It determines whether a loopback is on the link. 

Answer: C 


QUESTION 403 

Which three statements about SPAN traffic monitoring are true? (Choose three.) 

A. Traffic from a non-source VLAN is discarded when it arrives on a source VLAN. 

B. Multiple sessions can send traffic to an individual destination port. 

C. It supports up to 32 SPAN ports per switch. 

D. The destination port acts as a normal switchport. 

E. It supports up to 64 SPAN ports per switch. 

F. Only one session can send traffic to an individual destination port. 

Answer: AEF 


QUESTION 404 

Which option describes how a VTPv3 device responds when it detects a VTPv2 device on a trunk 
port? 

A. It sends VTPv3 packets only. 

B. It sends VTPv2 packets only. 

C. It sends VTPv3 and VTPv2 packets. 

D. It sends a special packet that contains VTPv3 and VTPv2 packet information. 

Answer: C 


QUESTION 405 

Which three statements about bridge assurance are true? (Choose three.) 

A. Bridge assurance must be enabled on both ends of a link. 

B. Bridge assurance can be enabled on one end of a link or on both ends. 

C. Bridge assurance is enabled on STP point-to-point links only. 

D. Bridge assurance is enabled on STP multipoint links only. 

E. If a bridge assurance port fails to receive a BPDU after a timeout, the port is put into a blocking state. 

F. If a bridge assurance port fails to receive a BPDU after a timeout, the port is put into an error 
disabled state. 

Answer: ACE 


QUESTION 406 

What is the hop limit for an MLD message? 
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A. 1 

B. 2 

C. 15 

D. 255 

Answer: A 


QUESTION 407 

Refer to the exhibit. Which action must you take to enable the WAN link to function properly? 



R1 R2 

interface SerialO interface Serial! 

ip address 10.1.1.1 25S.2SS.25S.0 ip address 10.1.1.2 25S.2SS.2SS.0 


A. Enter a clock rate on the DCE interface. 

B. Enter a clock rate on the DTE interface. 

C. Enter a compression algorithm on both interfaces. 

D. Configure both interfaces for HDLC encapsulation. 

Answer: A 


QUESTION 408 

Which two options are the two main phases of PPPoE? (Choose two.) 

A. Active Discovery Phase 

B. IKE Phase 

C. Main Mode Phase 

D. PPP Session Phase 

E. Aggressive Mode Phase 

F. Negotiation Phase 

Answer: AD 


QUESTION 409 

Which three statements about EVCs are true? (Choose three.) 

A. Spanning Tree must use MST mode on EVC ports. 

B. PAGP is supported on EVC ports. 

C. Spanning Tree must use RSTP mode on EVC ports. 

D. LACP is supported on EVC ports. 

E. Layer 2 multicast framing is supported. 

F. Bridge domain routing is required. 
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Answer: ABD 


QUESTION 410 

Refer to the exhibit. Why is the router out of memory? 


Router#show version 

Router processor (revision 0x00) with 524283K bytes of memory. 


Router#show memory statistics 

Head Total(b) Used(b) 
Processor 38A6400 405117952 360086164 


Free(b) Lowest(b) Largest(b) 
1031788 37130412 34036896 


Router#show process memory 
PID TTY Allocated Freed Holding 

0 0 73373216 1706280 69497168 

154 0 1103256760 1247933563 311905892 

327 0 212528944 322521272 44071084 


Getbufs Retbufs Process 

0 0 *Init* 

204360 0 BGP Router 

0 0 IP RIB Update 


Router#show ip bgp summary 

BGP router identifier 1.1.1.1, local AS number 65000 

3GP table version is 310248959, main routing table version 310248959 

246316 network entries using 29557920 bytes of memory 

1586197 path entries using 76137456 bytes of memory 

256960/41528 BGP path/bestpath attribute entries using 27751680 bytes of memory 
440 BGP rrinfo entries using 10560 bytes of memory 
115467 BGP AS-PATH entries using 3047533 bytes of memory 
5952 BGP community entries using 479704 bytes of memory 
0 3GP route-map cache entries using 0 bytes of memory 
230723 3GP filter-list cache entries using 2768676 bytes of memory 
BGP using 139753534 total bytes of memory 
Dampening enabled. 8 history paths, 0 dampened paths 
631350 received paths for inbound soft reconfiguration 
3GP activity 9798913/9552597 prefixes, 220334574/213798377 paths 


Neighbor V AS MsgRcvd MsgSent TblVer 

1.1.1.2 4 65001 39985912 1334531 310248959 

1.1.1.3 4 65001 12269759 529250 310248959 

1.1.1.4 4 €5001 42728751 20209410 310243959 

1.1.1.5 4 65001 46624114 20179383 310248959 


InQ OutQ Up/Down 
0 0 9wld 

0 0 26w0d 

0 0 32w2d 

0 0 ly!4w 


scan interval 60 secs 
State/PfxRcd 
277030 
276929 
200372 
200372 


A. The router is experiencing a BGP memory leak software defect. 

B. The BGP peers have been up for too long. 

C. The amount of BGP update traffic in the network is too high. 

D. The router has insufficient memory due to the size of the BGP database. 

Answer: D 


QUESTION 411 

Refer to the exhibit. Why is the OSPF state in 2WAY/DROTHER? 


Rl#show ip ospf neighbor 


Neighbor ID 

Pri 

State 

Dead Time 

Address 

Interface 

192.163.2.2 

0 

2WAY/BROTHER 

00:00:35 

10.25.123.2 

EthernetO/O 

152.163.3.3 

Rl# 

0 

2WAY/BROTHER 

00:00:33 

10.25.123.3 

Ethernet0/0 


A. This is the expected output when the interface EthernetO/O of R1 is configured with OSPF Priority 0. 

B. There is a duplicate router ID. 

C. There is an MTU mismatch. 

D. There is an OSPF timer (hello/dead) mismatch. 
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E. This is the expected output when R1 is the DR. 

Answer: A 


QUESTION 412 

In a nonbackbone OSPF area, all traffic that is destined to the Internet is routed by using a default 
route that is originated by the ABR. Which change in the configuration of the OSPF area type 
causes traffic from that area that is destined to the Internet to be dropped? 

A. The OSPF area changes from NSSA to totally stubby area. 

B. The OSPF area changes from NSSA to regular area. 

C. The OSPF area changes from stub area to totally stubby area. 

D. The OSPF area changes from stub area to NSSA. 

Answer: D 


QUESTION 413 

Refer to the exhibit. When the link between RtrB and RtrC goes down, multicast receivers stop 
receiving traffic from the source for multicast group 229.1.1.1 .Which solution will resolve this? 


All links are part of OSPF process 1 area 0 
Each link has an OSPF cost 10. 

PIM SM is running on all the router interfaces except link RtrB-RtrF. 
RtrC is the RP for group 229.1.1.1 


RtrA RtrB RtrC 


RtrD RtrE 



RtrF 


RtrG 


A. adding a static mroute on RtrB and RtrF 

B. adding a static unicast route on RtrB and RtrF 

C. creating a GRE tunnel between RtrB and RtrD 

D. enabling PIM sparse mode on both ends of the link between RtrB and RtrF 

Answer: D 


QUESTION 414 

Which measure does ISIS use to avoid sending traffic with a wrong MTU configuration? 
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A. ISIS does not protect from MTU mismatch. 

B. MTU value is communicated in ISIS Sequence Number PDUs (SNP), and ISIS adjacency is not 
established if an MTU mismatch is detected. 

C. ISIS uses path MTU discovery as specified in RFC 1063. 

D. ISIS uses padding of hello packets to full MTU. 

Answer: D 


QUESTION 415 

Which regular expression will match prefixes from the AS 200 that is directly connected to our 
AS? 

A. A $ 

B. A 200) 

C. _200$ 

D. _200_ 

E. A 200_ 

Answer: E 


QUESTION 416 

Refer to the exhibit. Assuming that the peer is configured correctly and the interface is up, how 
many neighbors will be seen in the EIGRPv6 neighbor table on this IPv6-only router? 


interface LoopbacklO 
no ip address 

ipv6 address 6010:A38::/64 eui-64 

I 

interface LoopbacklO 
no ip address 

ipvc address 6020: A33::/€4 eui-64 

i 

interface Ethernet0/0 
no ip address 
ipv€ enable 
ipv6 eigrp 50 

i 

ipv6 router eigrp 50 


A. one neighbor, which will use a local router-id of 6010. AB8.. /64 

B. one neighbor, which will use a local router-id of 6020. AB8.. /64 

C. none, because EIGRPv6 only supports authenticated peers 

D. none, because of the mismatch of timers 

E. none, because there is no EIGRP router ID configured 

Answer: E 
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QUESTION 417 

What does a nonzero forwarding address indicate in a type-5 LSA? 

A. It indicates that this link-state ID is eligible for ECMP. 

B. It indicates that this router should have an OSPF neighbor relationship with the forwarding address 
before using this link-state ID. 

C. It indicates that the receiving router must check that the next hop is reachable in its routing table 
before using this link-state ID. 

D. It indicates that traffic can be directly routed to this next hop in shared segment scenarios where 
the external route source is directly connected. 

Answer: D 


QUESTION 418 

Which type of EIGRP routes are summarized by the auto-summary command? 

A. internal routes that are learned from a peer that is outside the range of local network statements 

B. external routes that are learned from a peer that is inside the range of local network statements 

C. locally created routes that are outside the range of local network statements 

D. external routes that are learned from a peer that is outside the range of local network statements 

Answer: B 


QUESTION 419 

Refer to the exhibit. How can the EIGRP hello and hold time for GigO/O be changed to 5 and 15? 


router eigrp foo 

j 

address-family ipv4 unicast autonomous-system 1 

j 

af-interface default 
hello-interval 10 
hold-time 30 
exit-af-interface 

j 

topology base 
exit-af-topology 
network 10.0.0.0 
exit-address-family 


A. No action is required, since GigO/O is not listed with a nondefault hello and hold time. 

B. Add the commands ip hello-interval eigrp 1 5 and ip hold-time eigrp 1 15 under interface GigO/O. 

C. Add the commands hello-interval 5 and hold-time 15 under "af-interface GigO/O" under the address family. 

D. Add the commands default hello-interval and default hold-time under the af-interface GigO/O statement 
under the address family. 

Answer: C 
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QUESTION 420 

What is the range of addresses that is used for IPv4-mapped IPv6 addresses? 

A. 2001. db9. . /32 

B. 2001. db8.. 132 

C. 2002. ./16 

D. . . ffff. /16 

E. .. ffff. 0. 0/96 

Answer: E 


QUESTION 421 

Which three features require Cisco Express Forwarding? (Choose three.) 

A. NBAR 

B. AutoQoS 

C. fragmentation 

D. MPLS 

E. UplinkFast 

F. BackboneFast 

Answer: ABD 


QUESTION 422 

Which two options are interface requirements for turbo flooding? (Choose two.) 

A. The interface is Ethernet. 

B. The interface is configured for ARPA encapsulation. 

C. The interface is PPP. 

D. The interface is configured for GRE encapsulation. 

E. The interface is configured for 802.IQ encapsulation. 

Answer: AB 


QUESTION 423 

Which three option are sub-subfields of the IPv4 Option Type subfield? (Choose three.) 

A. Option Class 

B. GET 

C. Copied 

D. PUSH 

E. Option Number 

F. TTL 

Answer: ACE 
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QUESTION 424 

Which TCP mechanism prevents the sender from sending data too quickly for the receiver to 
process? 

A. Congestion control 

B. Error detection 

C. Selective acknowledgement 

D. Flow control 

Answer: D 


QUESTION 425 

Which two packet types does an RTP session consist of? (Choose two.) 

A. TCP 

B. RTCP 

C. RTP 

D. ICMP 

E. BOOTP 

F. ARP 

Answer: BC 


QUESTION 426 

Which option describes the effect of the OSPF default-information originate always command? 

A. It creates a stub area. 

B. It configures the device to advertise a default route regardless of whether it exists in the routing 
table. 

C. It configures the device to automatically redistribute a default route. 

D. It adds a static default route to the device configuration. 

Answer: B 


QUESTION 427 

Which technology can create a filter for an embedded packet capture? 

A. Control plane policing 

B. Access lists 

C. NBAR 

D. Traffic shaping 

Answer: B 


QUESTION 428 

Which two options are reasons to manipulate the delay metric instead of the bandwidth metric for 
EIGRP routing? (Choose two.) 

A. Because the delay metric provides better handling for bursty traffic 
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B. Because manipulating the bandwidth metric can also affect QoS 

C. Because manipulating the bandwidth affects only a particular path 

D. Because changes to the delay metric are propagated to all neighbors on a segment 

Answer: BD 


QUESTION 429 

Which option describes a limitation of Embedded Packet Capture? 

A. It can capture data only on physical interfaces and subinterfaces. 

B. It can store only packet data. 

C. It can capture multicast packets only on ingress. 

D. It can capture multicast packets only on egress. 

Answer: C 


QUESTION 430 

Which statement about Cisco Discovery Protocol is true? 

A. The multicast address 0100.0cdd.dddd is used as the destination address for periodic advertisements. 

B. An inactive VLAN that is configured on an access port passes periodic Cisco Discovery Protocol 
advertisements. 

C. The multicast address 0100.0ccc.ccd is used as the destination address for periodic advertisements. 

D. A VLAN must be active on an access port before periodic Cisco Discovery Protocol advertisements 
are passed. 

Answer: D 


QUESTION 431 

Which three TLVs does LLDP use to discover network devices? (Choose three.) 

A. Management address 

B. Port description 

C. Network policy 

D. System name 

E. Location information 

F. Power management 

Answer: ABD 


QUESTION 432 

Which command enables L2 QoS support in all VLANs (including the native VLAN)? 

A. switchport priority extend cos 

B. mis qos trust dscp 

C. mis qos rewrite ip dscp 

D. switchport trunk native vlan tag 

Answer: D 
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QUESTION 433 

Which three modes are valid for forming an EtherChannel between the ports of two switches? 
(Choose three.) 

A. Active/active 

B. Active/passive 

C. Passive/passive 

D. Auto/auto 

E. Auto/desirable 

F. Desirable/on 

Answer: ABE 


QUESTION 434 

In which 802.1 D port state are the root bridge, the root port, and the designated port(s) elected? 

A. Listening 

B. learning 

C. forwarding 

D. blocking 

E. disabled 

Answer: A 


QUESTION 435 

Refer to the exhibit. A Cisco Catalyst 6500 Series Switch experiences high CPU utilization. 
What can be the cause of this issue, and how can it be prevented? 


switch#show mis 

cef except! 

.on status 

Current 

IPv4 

FI3 

exception 

state 

= TRUE 

Current 

IPv6 

FIB 

exception 

state 

= FALSE 

Current 

MPLS 

FIB 

exception 

state 

= FALSE 


A. The hardware routing table is full. Redistribute from BGP into IGP. 

B. The software routing table is full. Redistribute from BGP into IGP. 

C. The hardware routing table is full. Reduce the number of routes in the routing table. 

D. The software routing table is full. Reduce the number of routes in the routing table. 

Answer: C 


QUESTION 436 

In a network where a Layer 2 switch interconnects several routers, which feature restricts 
multicast packets for each IP multicast group to only those mulicast router ports that have 
downstream receivers joined to that group? 

A. PIM snooping 

B. IGMP snooping 
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C. IGMP filter 

D. IGMP proxy 

Answer: A 


QUESTION 437 

Which three statements about Cisco HDLC are true? (Choose three.) 

A. HDLC serial encapsulation provides asynchronous framing and error detection. 

B. Serial link keepalives are maintained by SLARP. 

C. HDLC serial encapsulation provides synchronous framing without retransmission. 

D. HDLC frame size can be reduced with MPPC compression. 

E. The interface is brought down after five ignored keepalives. 

F. The interface is brought down after three ignored keepalives. 

Answer: BCF 


QUESTION 438 

Which two fields reside in the initial CHAP challenge packet? (Choose two.) 

A. the authentication name of the challenger 

B. a random hash value generated by the device 

C. the hashed packet type ID 

D. the packet type ID in clear text 

Answer: AD 


QUESTION 439 

Which statement about WAN Ethernet Services is true? 

A. Rate-limiting can be configured per EVC. 

B. Point-to-point processing and encapsulation are performed on the customer network. 

C. Ethernet multipoint services function as a multipoint-to-multipoint VLAN-based connection. 

D. UNIs can perform service multiplexing and all-in-one bundling. 

Answer: A 


QUESTION 440 

What is the maximum number of secondary IP addresses that can be configured on a router 
interface? 

A. 1 

B. 2 

C. 4 

D. 1024 

E. 65535 

F. no limit to the number of addresses 
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Answer: F 


QUESTION 441 

Which address is a MAC address that is mapped from an IPv6 address (RFC 2464)? 

A. 3333.FF17.FC0F 

B. FFFE. FF17.FC0F 

C. FF34.3333.FF17 

D. FF7E.FF17.FC0F 

Answer: A 


QUESTION 442 

Which multicast protocol uses source trees and RPF? 

A. DVMRP 

B. PIM sparse mode 

C. CBT 

D. mOSPF 

Answer: A 


QUESTION 443 

What is the function of the command ip pirn autorp listener? 

A. It allows a border PIM sparse mode router to accept autorp information from another autonomous 
system. 

B. It allows the mapping agents to accept autorp information from the PIM rendezvous point. 

C. It allows the routers to flood the autorp information in a sparse-mode-only network. 

D. It allows a BSR to accept autorp information and translate it into BSR messages. 

Answer: C 


QUESTION 444 

Refer to the exhibit. Which statement is true about why the first-hop PIM IPv6 router is stuck in 
registering? 


FHR#show ipv6 mroute FF7E::1234 

(2001:db8::7, FF7E::1234), 00:02:27/00:01:02, flags: SFT 
Incoming interface: Ethernetl/0 
RPF nbr: FE80::A8BB:CCFF:FE00:701, Registering 
Immediate Outgoing interface list: 

Tunnel2, Forward, 00:01:38/never 


A. The scope of the IPv6 multicast address is link-local. 

B. The outgoing interface for the IPv6 multicast group should not be a tunnel interface. 

C. The R-bit is set in the IPv6 address, but this is not an embedded RP multicast IPv6 address. 


Get Latest & Actual Amazon Exam's Question and Answers from Passleader. 


http://www.passleader.com 


172 















Pass Leader* 

Leader of IT Certifications 


D. The S flag should not be set on a first-hop PIM router. 

E. A multicast IPv6 address does not start with FF. 

Answer: C 


QUESTION 445 

Refer to the exhibit. Which option is the result of this configuration? 


ip access-list extended PZDIRECT 
permit tcp any any eq 25 

| 

route-map REDIRECT 10 

match ip address REDIRECT-SNMP 

set interface GigabitEthernetl/Q 

i 

interface loopbackO 

ip address 172.21.254.254 255.255.252.0 

; 

ip local policy route-map REDIP£CT-SNHP 


A. All SNMP traffic coming into the router is redirected to interface GigabitEthernetl/O. 

B. All SNMP traffic generated from the router is redirected to interface GigabitEthernetl/O. 

C. All SMTP traffic generated from the router is redirected to interface GigabitEthernetl/O. 

D. All POP3 traffic coming into the router is redirected to interface GigabitEthernetl/O. 

E. All SMTP traffic coming into the router is redirected to interface GigabitEthernetl/O. 

Answer: C 


QUESTION 446 

Which three statements about EIGRP and BFD are true? (Choose three.) 

A. BFD is independent of the routing protocol, so it can be used as a generic failure detection 
mechanism for EIGRP. 

B. Some parts of BFD can be distributed to the data plane, so it can be less CPU-intensive than 
reduced timers, which exist wholly at the control plane. 

C. Reduced EIGRP timers have an absolute minimum detection timer of 1 -2 seconds; BFD can 
provide sub-second failure detection. 

D. BFD is tied to specific routing protocols and can be used for generic fault detection for the OSPF, 
EIGRP, and BGP routing protocols. 

E. BFD is dependent on the EIGRP routing protocol, so it can be used as a specific failure detection 
mechanism. 

F. BFD resides on the control plane, so it is less CPU-intensive than if it resided on the data plane. 

Answer: ABC 


QUESTION 447 

You are implementing new addressing with EIGRP routing and must use secondary addresses, 
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which are missing from the routing table. Which action is the most efficient solution to the 
problem? 

A. Disable split-horizon on the interfaces with secondary addresses. 

B. Disable split-horizon inside the EIGRP process on the router with the secondary interface 
addresses. 

C. Add additional router interfaces and move the secondary addresses to the new interfaces. 

D. Use a different routing protocol and redistribute the routes between EIGRP and the new protocol. 

Answer: A 


QUESTION 448 

Refer to the exhibit. Which two options are possible states for the interface configured with the 
given OSPFv3 authentication? (Choose two.) 


P.l(config-if )jjfipv£ ospf authentication ipsec spi 25c md5 0 o-routes 


A. GOING UP 

B. DOWN 

C. UNCONFIGURED 

D. GOING DOWN 

Answer: AB 


QUESTION 449 

Refer to the exhibit. The device with this configuration is unable to reach network 172.31.31.0/24. 
The next hop router has been verified to have full connectivity to the network. 

Which two actions can you take to establish connectivity to the network? (Choose two.) 


ip route 10.0.0.0 255.255.255.0 192.168.192.9 
ip default-network 172.16.199.9 


A. Create a static route to 172.16.199.0 using the address of the next hop router. 

B. Create a default route to the link address of the next hop router. 

C. Create a static route to the loopback address of the next hop router. 

D. Create a default route to 172.16.199.9. 

E. Modify the existing static route so that the next hop is 0.0.0.0. 

F. Replace the ip default-network command with the ip default-gateway command. 

Answer: AB 


QUESTION 450 

Which algorithm heavily influenced the algorithm used by path-vector protocols? 
A. Bellman-Ford 
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B. SPF 

C. DUAL 

D. Spanning-Tree 

E. Adaptive 

F. Deflection 

Answer: A 


QUESTION 451 

Refer to the exhibit. All of the routers on this network are running RIP. If you edit the R3 RIP 
process configuration to reduce the number of hops from R3 to R1, which statement about the 
configuration change is true? 



network 10.0.0.0 network 10.0.0.0 

passive-interface default passive-interface default 

no passive-interface GigabitEthemetO/O 
no passive-interface GigabitEthemetO/1 
no passive-interface GigabitEthemetl/0 


A. Configuring no passive-interface for GigabitEthernet0/0 in the R3 RIP process reduces the 
number of hops to R1 by 2. 

B. Configuring no passive-interface for GigabitEthernet0/0 in the R3 RIP process reduces the 
number of hops to R1 by 1. 

C. Configuring no passive-interface for GigabitEthernet0/1 in the R3 RIP process reduces the 
number of hops to R1 by 3. 

D. Configuring no passive-interface for GigabitEthernet0/1 in the R3 RIP process reduces the 
number of hops to R1 by 1. 

Answer: A 


QUESTION 452 

Where should the passive-interface command be used? 

A. Under the routing process for interfaces that need to be routed, but prevented from peering 

B. under the routing process for interfaces that need to be routed and allowed to peer 

C. under the interface configuration for interfaces that need to be routed, but prevented from peering 

D. under the interface configuration for interfaces that need to be routed and allowed to peer 

E. under the VTY configuration within global configuration mode 

Answer: A 
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QUESTION 453 

Refer to the exhibit. Which statement about the device routing table is true? 


ip prefix-list EIGRP-ROUTES seq 5 permit 10.10.10.0/24 le 32 

ip prefix-list OUTBOUND seq 5 permit 192.lcB.lcB.1/32 

router eigrp £5535 

network 1S2.1£8.1£8.0 0.0.255.255 

network 172.31.10.0 0.0.0.255 

distribute-list prefix EIGRP-ROUTES gateway OUTBOUND in 


A. Only networks 10.10.10.0/24 and smaller from host 192.168.168.1 are in the routing table. 

B. Only networks 10.10.10.0/24 and larger from host 192.168.168.1 are in the routing table. 

C. Only network 10.10.10.0/24 from host 192.168.168.1 is in the routing table. 

D. Networks 10.10.10.0/24 and smaller from any host are in the routing table. 

Answer: A 


QUESTION 454 

Refer to the exhibit. R1 is performing mutual redistribution, but OSPF routes from R3 are unable 
to reach R2. Which three options are possible reasons for this behavior? (Choose three.) 



A. R1 requires a seed metric to redistribute RIP. 

B. The RIP version supports only classful subnet masks. 

C. R1 is filtering OSPF routes when redistributing into RIP. 

D. R3 and R1 have the same router ID. 

E. R1 and R3 have an MTU mismatch. 

F. R2 is configured to offset OSPF routes with a metric of 16. 

Answer: ACF 
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QUESTION 455 

Refer to the exhibit. If the downstream router has a summary route configured, which two actions 
must you take on the local router to create the summary route that summarizes all routes from the 
downstream router? (Choose two.) 


P.l#sh ip eigrp 1 topology all 

IP-El GP.P Topology Table Cot AS(1)/ID{10.1.1.2) 

Codes: P - Passive, A - Active, U - Update, Q - Query, P. - Reply, 
r - reply Status, s - sia Status 

P 10.8.1.0/24, 1 successors, FD is 156160, serno 7 
via 10.1.1.1 (156160/128256), FastEthemetl/O 
P 10.1.1.0/24, 1 successors, FD is 28160, serno 1 
via Connected, FastEthernetl/0 
P 10.6.1.0/24, 1 successors, FD is 156160, serno 8 
via 10.1.1.1 (156160/128256), FastEthemetl/0 


A. Configure the summary address on the interface. 

B. Use 10.0.0.0 255.248.0.0 as the summary route. 

C. Configure the summary address in the EIGRP process. 

D. Use 10.0.0.0 255.252.0.0 as the summary route. 

E. Configure a route map to permit the route. 

F. Configure a distribute list in. 

Answer: AB 


QUESTION 456 

Which three statements about RIP timers are true? (Choose three.) 

A. The default update timer is 30 seconds. 

B. The default invalid timer is 180 seconds. 

C. The default holddown timer is 180 seconds. 

D. The default flush timer is 60 seconds. 

E. The default scan timer is 60 seconds. 

F. The default hello timer is 5 seconds. 

Answer: ABC 

QUESTION 457 

Which timer expiration can lead to an EIGRP route becoming stuck in active? 

A. hello 

B. active 

C. query 

D. hold 

Answer: B 


Get Latest & Actual Amazon Exam's Question and Answers from Passleader. 


http://www.passleader.com 


177 















Pass Leader’ 

Leader of IT Certifications 


QUESTION 458 

Which three values can be used to tag external EIGRP routes? (Choose three.) 

A. The router ID of the router that redistributed the route 

B. The administrative distance of the external protocol 

C. The protocol ID of the external protocol 

D. The cost to reach the router that redistributed the route 

E. The metric from the external protocol 

F. The router ID of the router from which the external protocol route was learned 

Answer: ACE 


QUESTION 459 

Which data plane protocol does EIGRP Over the Top use? 

A. MPLS 

B. GRE 

C. LISP 

D. IP-in-IP 

Answer: C 


QUESTION 460 

Which statement about the feasible distance in EIGRP is true? 

A. It is the maximum metric that should feasibly be considered for installation in the RIB. 

B. It is the minimum metric to reach the destination as stored in the topology table. 

C. It is the metric that is supplied by the best next hop toward the destination. 

D. It is the maximum metric possible based on the maximum hop count that is allowed. 

Answer: B 


QUESTION 461 

Which statement about the EIGRP RTO is true? 

A. It is six times the SRTT. 

B. It is the time that it normally takes for an update to be received by a peer. 

C. It is the time that it normally takes to receive a reply to a query. 

D. It is the average time that it takes for a reliable packet to be acknowledged. 

Answer: A 


QUESTION 462 

Which option describes the purpose of the leak-map keyword in the command eigrp stub 
connected leak- map EigrpLeak? 

A. It allows the specified static routes to be advertised. 

B. It allows exceptions to the route summarization that is configured. 
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C. It allows specified EIGRP-learned routes to be advertised. 

D. It restricts specified connected routes from being advertised. 

Answer: C 


QUESTION 463 

Refer to the exhibit. If OSPF is implemented on the network, which additional configuration is 
needed to allow traffic from host 10.4.1.15/24 to host 10.1.2.20/24? 



A. A virtual link between router 2 and router 4 

B. A virtual link between router 3 and router 4 

C. A virtual link between router 2 and router 3 

D. The current design allows traffic between the two hosts. 

Answer: D 

QUESTION 464 

Refer to the exhibit. Which OSPFv3 routes will be visible in the routing table of R2? 
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Rl: 

interface LocpbackO 
ip address 1.1.1.1 255.255.255.0 
ipv6 address 2001:12::1/128 
ipv6 rip RIPNG enable 

interface FastEthernetO/O 
ip address 10.1.12.1 

255.255.255.0 
duplex auto 
speed auto 

ipv6 address 2001:112::1/64 
ipv6 cspf 1 area 0 

interface FastEthernetO/1 
no ip address 
shutdown 
duplex auto 
speed auto 

j 

ip forward-protocol nd 


no ip http server 

no ip http secure-server 


ipv6 router ospf 1 
log-adjacency-changes 
redistribute rip RIPNG 

ipv6 router rip RIPNG 


RIPNG 
2001:12::1/128 





RIPNG 

2001:12::2/128 


LoopO 


r* 


*\ 

1 Fa0/0 

2001:112::/64 

FaO/0 1 


OSPFv3 Area 0 



R2 : 

interface LoopbackO 
ip address 2.2.2.2 255.255.255.0 
ipv6 address 2001:12::2/126 
ipv6 rip RIPNG enable 

interface FastEthernet0/0 
ip address 10.1.12.2 

255.255.255.0 
duplex auto 
speed auto 

ipv6 address 2001:112::2/64 
ipv6 ospf 1 area 0 

i 

interface FastEthernetO/1 
no ip address 
shutdown 
duplex auto 
speed auto 

i 

ip forward-protocol nd 


no ip http server 

no ip http secure-server 


ipv6 router ospf 1 
log-adjacency-changes 
redistribute rip RIPNG include- 
connected 

I 

ipv6 router rip RIPNG 


A. 2001:12::1/128 

B. 2001:12-1/128, 2001:112::1/128 

C. 2001:12-2/128 

D. No OSPFv3 routes will be visible. 

Answer: D 


QUESTION 465 

Refer to the exhibit. Rl is configured as shown. Rl is able to establish a neighbor adjacency only 
with R2. Which addition must you make to the Rl configuration to allow it to establish an 
adjacency with R3? 
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Area 0 



interface gigabitethernet 0/0 
ip address 10.0.0.1 255.255.255.0 

interface gigabitethernet 0/1 
ip address 10.1.0.1 255.255.255.0 

router ospf 1 

network 10.0.0.0 0.0.0.255 area 0 


A. interface gigabitethernet 0/1 

ip address 10.1.0.1 255.255.255.0 
ip ospf network point-to-point 

B. interface gigabitethernet 0/1 

ip address 10.1.0.1 255.255.255.0 
ip ospf 1 area 0 

C. router ospf 1 

network 10.1.0.0 0.0.0.255 area 1 
router ospf 1 
area 0 stub 

Answer: C 


QUESTION 466 

Which option describes how a router responds if LSA throttling is configured and it receives the 
identical LSA before the interval is set? 
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A. The LSA is added to the OSPF database and a notification is sent to the sending router to slow 
down its LSA packet updates. 

B. The LSA is added to the OSPF database. 

C. The LSA is ignored. 

D. The LSA is ignored and a notification is sent to the sending router to slow down its LSA packet 
updates. 

Answer: C 


QUESTION 467 

Which two options are valid for the number of bytes in a BGP AS number? (Choose two.) 

A. 2 bytes 

B. 4 bytes 

C. 6 bytes 

D. 8 bytes 

E. 16 bytes 

Answer: AB 


QUESTION 468 

Refer to the exhibit. Why is the loopback 0 interface of R4 missing in the routing table of R2? 


hostname R3 
router ospf 1 

network 0.0.0.0 255.255.255.255 area 0 
router bgp 65001 

network 3.3.3.0 mask 255.255.255.0 
neighbor 10.1.23.2 remote-as 65001 
neighbor 10.1.23.2 route-reflector-client 
neighbor 10.1.34.4 remote-as 65001 
neighbor 10.1.34.4 route-reflector-client 
no auto-summary 


BGP AS65001 



R2 4sh ip bgp 

BGP table version is l, local router ID is 3.3.3.3 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal. 


Igin codes: 

r RIB-fai1ure, 
i - IGP, e - EG 

S Stale 

p, ? - incomplete 




Network 
l. i. 1.0/24 
2.2.2.0/24 

Next Hop 
10.1.12.1 

0.0.0.0 

Metric 

0 

0 

LocPrf 

0 

Weight 
65105 
327 68 

Path 

i 
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A. R2 is configured as a route reflector client. 

B. There is no peering between R2 and R3. 

C. The next hop is not reachable from R2. 

D. The route originated within the same AS. 

Answer: B 


QUESTION 469 

Which statement about the BGP scope of the cost community is true? 

A. It is shared with IBGP neighbors only. 

B. It is shared with IBGP neighbors and route reflectors. 

C. It is shared with EBGP neighbors only. 

D. It is shared with IBGP and EBGP neighbors. 

E. It is shared with IBGP and confederation peers. 

Answer: E 


QUESTION 470 

Which statement is true about conditional advertisements? 

A. Conditional advertisements create routes when a predefined condition is met. 

B. Conditional advertisements create routes when a predefined condition is not met. 

C. Conditional advertisements delete routes when a predefined condition is met. 

D. Conditional advertisements create routes and withhold them until a predefined condition is met. 

E. Conditional advertisements do not create routes, they only withhold them until a predefined 
condition is met. 

Answer: E 


QUESTION 471 

Refer to the exhibit. How can Router X in AS70000 peer with Router Y in AS65000, in case 
Router Y supports only 2-byte ASNs? 



A. Router X should be configured with a remove-private-as command, because this will establish the 
peering session with a random private 2-byte ASN. 

B. It is not possible. Router Y must be upgraded to an image that supports 4-byte ASN. 

C. Router Y should be configured with a 4-byte AS using the local-as command. 

D. Router X should be configured with a 2-byte AS using the local-as command. 
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Answer: D 


QUESTION 472 

Which statement about BGP and diverse path advertisement is true? 

A. The BGP best-path selection must be disabled. 

B. The BGP best-path selection algorithm has been changed to always ignore the IGP metric. 

C. The BGP best-path selection algorithm has been changed so that two BGP paths can be flagged 
as best in the BGP table. 

D. The BGP best-path selection algorithm has not been changed. 

E. The BGP best-path selection is disabled for BGP routes for which the feature is enabled. 

Answer: D 

QUESTION 473 

For which two conditions is Cisco Express Forwarding recursion disabled by default when the 
BGP Prefix Independent Convergence functionality is enabled? (Choose two.) 

A. next hops learned with a /24 mask 

B. next hops learned with any mask shorter than /32 

C. next hops learned with a /32 mask 

D. next hops that are directly connected 

Answer: CD 


QUESTION 474 

How many bytes comprise the system ID within an IS-IS NET? 

A. 4 bytes 

B. 6 bytes 

C. 8 bytes 

D. 16 bytes 

E. 20 bytes 

Answer: B 


QUESTION 475 

Which two statements about IS-IS are true? (Choose two.) 

A. The default hello interval is 10 seconds and the default hold timer is 30 seconds. 

B. The hello interval can be changed on a per-interface basis with the command isis hello-multiplier. 

C. Both routers need to have the same hello intervals and hold timers in order to form IS-IS 
neighbors. 

D. Both IS-IS routers need to have the same capabilities in the hello packet in order to form 
neighbors. 

Answer: AD 
Explanation: 
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To specify the length of time between hello packets that the Cisco IOS software sends, use the 
isis hello-interval command in interface configuration mode. 

By default, a value three times the hello interval seconds is advertised as the hold time in the 
hello packets sent. (Change the multiplier of 3 by specifying the isis hello-multiplier command.) 
With smaller hello intervals, topological changes are detected faster, but there is more routing 
traffic. 

The default is 10 seconds. 

http://www.cisco.eom/c/en/us/td/docs/ios/12_2/iproute/command/reference/fiprrp_r/1rfisis.html 


QUESTION 476 

Which bit should be set in the link-state PDU of an IS-IS L1/L2 router to indicate that it is a 
potential exit point of the area? 

A. the ABR bit 

B. the ATT bit 

C. the down bit 

D. the P bit 

Answer: B 


QUESTION 477 

MPLS LDP IGP synchronization is configured on a link. The OSPF adjacency on that link is UP 
but MPLS LDP synchronization is not achieved. Which statement about this scenario is true? 

A. The router excludes the link from its OSPF LSA type 1. 

B. The router flushes its own router LSA. 

C. The router advertises the link in its router LSA with max-metric. 

D. The router advertises an LSA type 2 for this link, with the metric set to max-metric. 

E. The router advertises the link and OSPF adjacency as it would when the synchronization is 
achieved. 

Answer: C 


QUESTION 478 

What is the new designation for the MPLS EXP (experimental) bits? 

A. QoS bits 

B. traffic class bits 

C. flow bits 

D. precedence bits 

Answer: B 


QUESTION 479 

Which two options are signaling protocols that are used in MPLS? (Choose two.) 

A. LDP 

B. RSVP 

C. BFD 
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D. LISP 

E. CLNS 

F. CDP 

Answer: AB 


QUESTION 480 

Which option is an incorrect design consideration when deploying OSPF areas? 

A. area 1 - area 0 - MPLS VPN backbone - area 0 - area 2 

B. area 1 - MPLS VPN backbone - area 2 

C. area 1 - MPLS VPN backbone - area 1 

D. area 2 - area 0 - MPLS VPN backbone - area 1 

E. area 0 - area 2 - MPLS VPN superbackbone - area 1 

Answer: E 


QUESTION 481 

Refer to the exhibit. Which statement about the route target for 192.168.1.0/24 is true? 


ip vrf 10051 

rd 10.1.1.1:10051 

route-target export 64512:100010051 
route-target import 64512:100010051 

ip access-list standard mgmtl-10051 
permit 192.168.1.0 0.0.0.255 

route-map 10051-export permit 10 
match ip address mgmtl-10051 
set extccmmunity rt 64512:3002300 

route-map 10051-export permit 20 
match ip address mgmtl-10051 

set extcommunity rt 64512:2002250 64512:3002300 additive 


A. Its route target is 64512:100010051. 

B. Its route targets are 64512:100010051,64512:2002250, and 64512:3002300. 

C. Its route target is 64512:3002300. 

D. Its route targets are 64512:100010051 and 64512:3002300. 

E. Its route targets are 64512:2002250 and 64512:3002300. 

Answer: C 


QUESTION 482 

Which two options are benefits of EIGRP OTP? (Choose two.) 

A. It allows EIGRP routers to peer across a service provider without the service provider 
involvement. 
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B. It allows the customer EIGRP domain to remain contiguous. 

C. It requires only minimal support from the service provider. 

D. It allows EIGRP neighbors to be discovered dynamically. 

E. It fully supports multicast traffic. 

F. It allows the administrator to use different autonomous system numbers per EIGRP domain. 
Answer: AB 


QUESTION 483 

Which three options are best practices for implementing a DMVPN? (Choose three.) 

A. Use IPsec in tunnel mode. 

B. Implement Dead Peer Detection to detect communication loss. 

C. Configure AES for encryption of transported data. 

D. Configure SHA-1 for encryption of transported data. 

E. Deploy IPsec hardware acceleration to minimize router memory overhead. 

F. Configure QoS services only on the head-end router. 

Answer: ABC 


QUESTION 484 

Which IPv6 tunneling type establishes a permanent link between IPv6 domains over IPv4? 

A. IPv4-compatible tunneling 

B. ISATAP tunneling 

C. 6to4 tunneling 

D. manual tunneling 

Answer: D 


QUESTION 485 

Which three components comprise the structure of a pseudowire FEC element? (Choose three.) 

A. pseudowire ID 

B. pseudowire type 

C. control word 

D. Layer 3 PDU 

E. header checksum 

F. type of service 

Answer: ABC 


QUESTION 486 

In which two modes do IPv6-in-IPv4 tunnels operate? (Choose two.) 

A. tunnel mode 

B. transport mode 

C. 6to4 mode 
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D. 4to6 mode 

E. ISATAPmode 

Answer: AB 


QUESTION 487 

Which VPN technology requires the use of an external key server? 

A. GETVPN 

B. GDOI 

C. SSL 

D. DMVPN 

E. IPsec 

F. L2TPv3 

Answer: A 


QUESTION 488 

Which three roles does a key server perform when used with GETVPN? (Choose three.) 

A. It authenticates group members. 

B. It manages security policies. 

C. It creates group keys. 

D. It distributes multicast replication policies. 

E. It distributes multicast replication keys. 

F. It configures and routes the GDOI protocol. 

Answer: ABC 


QUESTION 489 

Which two Cisco IOS AAA features are available with the local database? (Choose two.) 

A. command authorization 

B. network access authorization 

C. network accounting 

D. network access authentication 

Answer: AD 

QUESTION 490 

What is the most secure way to store ISAKMP/IPSec preshared keys in Cisco IOS? 

A. Use the service password-encryption command. 

B. Encrypt the ISAKMP preshared key in secure type 5 format. 

C. Encrypt the ISAKMP preshared key in secure type 7 format. 

D. Encrypt the ISAKMP preshared key in secure type 6 format. 

Answer: D 
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QUESTION 491 

Which two statements about the protected ports feature and the private VLAN feature are true? 
(Choose two.) 

A. The protected ports feature is limited to the local switch. 

B. The protected ports feature can isolate traffic between two "protected" ports on different switches. 

C. The private VLAN feature is limited to the local switch. 

D. The private VLAN feature prevents interhost communication within a VLAN across one or more 
switches. 

Answer: AD 


QUESTION 492 

Which two features are used for inspection when IPv6 address glean is enabled? (Choose two.) 

A. DHCP messages 

B. ND messages 

C. ICMPv6 messages 

D. UDP messages 

E. TCP messages 

Answer: AB 


QUESTION 493 

Refer to the exhibit. Which statement about the R1 configuration is true? 


Rl#show run 

ip ssh time-out 30 

ip ssh authentication-retries 2 

access-list 10 permit 10.1.1.2 
no cdp log mismatch duplex 

control-plane 

line con 0 

exec-timeout 5 30 
logging synchronous 
line aux 0 
line vty 0 4 

access-class 10 in 
login 

transport input ssh 


A. It permits host 10.1.1.2 to establish a Telnet connection to R1. 

B. It limits remote hosts to two SSH connection attempts. 

C. SSH connections to R1 will log out after a 5-minute idle interval. 
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D. Hosts that reside on network 10.0.0.0/8 can SSH to R1. 

E. The R1 timeout for outgoing SSH connection attempts is 30 seconds. 

Answer: E 


QUESTION 494 

Which two statements about the default SNMP configuration are true? (Choose two.) 

A. The SNMP agent is enabled. 

B. The SNMP trap receiver is configured. 

C. All SNMP notification types are sent. 

D. SNMPvl is the default version. 

E. SNMPv3 is the default version. 

Answer: CD 


QUESTION 495 

Which two statements about logging are true? (Choose two.) 

A. Log messages are sent to the console port by default. 

B. Log messages are displayed in a Telnet session by default. 

C. Interface status changes are logged at the Notification level. 

D. Interface status changes are logged at the Informational level. 

E. System restart messages are logged at the Critical level. 

F. Reload requests are logged at the Notification level. 

Answer: AC 


QUESTION 496 

Refer to the exhibit. Your network is suffering excessive output drops. 
Which two actions can you take to resolve the problem? (Choose two.) 


acces3-switch-l#show interface fastethernetO/9 
FastEthernetO/9 is up, line protocol i3 up (connected) 

Hardware is Fast Ethernet, address is 04da.d237.9f09 (bia 04da.d237.9f09) 
Auto-duplex, Auto-speed, media type is 10/10OBaseTX 
Last clearing of "shew interface" counters never 

Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 59137853 

access-3witch-l#shcw mis qos interface fastethernetO/9 statistics 

Queueset: 1 

output queues dropped: 


queue 

; 

threshcldl 

threshold2 

threshold3 

queue 

0: 

0 

0 

48252 

queue 

1: 

23164955 

35924645 

1 

queue 

2: 

0 

0 

0 

queue 

3: 

0 

0 

0 
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A. Install a switch with larger buffers. 

B. Configure a different queue set. 

C. Reconfigure the switch buffers. 

D. Configure the server application to use TCP. 

E. Update the server operating system. 

Answer: AB 


QUESTION 497 

Refer to the exhibit. If the remaining configuration uses default values, what is the expected 
output of the show mis qos queue- set command? 


mis qcs queue-set output 1 threshold 2 80 90 100 100 

mis qcs queue-set output 1 threshold 3 400 400 100 800 

mis qos queue-set output 1 threshold 4 60 100 100 100 


Queueset: 1 




Queue 

1 

2 

3 

4 

buffers 

25 

25 

25 

25 

threshold! 

100 

80 

400 

60 

threshold2 

100 

90 

400 

100 

reserved 

50 

100 

100 

100 

maximum 

400 

100 

eoo 

100 


Queueset: 1 




Queue 

: 1 

2 

3 

4 

buffers 

25 

25 

25 

25 

thresholdl 

100 

80 

400 

60 

threshold2 

100 

90 

400 

100 

reserved 

50 

100 

100 

100 

maximum 

100 

100 

800 

100 


Queueset: 1 




Queue 

: 1 

2 

3 

4 

buffers 

25 

25 

25 

25 

thresholdl 

50 

80 

400 

60 

threshold2 

50 

90 

400 

100 

reserved 

50 

100 

100 

100 

maximum 

400 

100 

800 

100 
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Queueset: 1 

Queue : 1 

2 

3 

4 

buffers 

25 

25 

25 

25 

thresholdl 

100 

80 

400 

60 

threshold2 

100 

90 

400 

100 

reserved 

100 

100 

100 

100 

max imum 

400 

100 

800 

100 


Answer: A 


QUESTION 498 

Which two statements about HSRP are true? (Choose two.) 

A. Its virtual MAC is 0000.0C07.Acxx. 

B. Its multicast virtual MAC is 0000.5E00.01xx. 

C. Its default configuration allows for pre-emption. 

D. It supports tracking. 

E. It supports unique virtual MAC addresses. 

Answer: AD 


QUESTION 499 

Which two statements about the client-identifier in a DHCP pool are true? (Choose two.) 

A. It specifies a unique identifier that is used only for DHCP requests. 

B. It is specified by appending 01 to the MAC address of a DHCP client. 

C. It specifies a hardware address for the client. 

D. It specifies a unique identifier that is used only for BOOTP requests. 

E. It requires that you specify the hardware protocol. 

Answer: AB 


QUESTION 500 

Refer to the exhibit. If router R1 is functioning as a DHCPv6 server and you enter the command 
show ipv6 dhcp binding, which two options are pieces of information in the output? (Choose two.) 
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A. The IA PD 

B. The DUID 

C. The prefix pool 

D. The DNS server 

E. The Rapid-Commit setting 

Answer: AB 


QUESTION 501 

Which two statements about NPTv6 are true? (Choose two.) 

A. The translation is invisible to applications that hard code IP information within the application 
logic. 

B. It is a one-way stateful translation for the IPv6 address. 

C. Translation is 1:1 at the network layer. 

D. It is a two-way stateless translation for the network prefix. 

Answer: CD 


QUESTION 502 

Which three protocols can use enhanced object tracking? (Choose three.) 

A. HSRP 

B. Proxy-ARP 

C. VRRP 
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D. GLBP 

E. NTP 

F. DHCP 

Answer: ACD 


QUESTION 503 

What are the three primary components of NetFlow? (Choose three.) 

A. Flow caching 

B. A flow collector 

C. The data analyzer 

D. Flow sequence numbers 

E. Cisco Express Forwarding 

F. Multicast 

Answer: ABC 


QUESTION 504 

Which two options are actions that EEM can perform after detecting an event? (Choose two.) 

A. Place a port in err-disabled. 

B. Generate an SNMP trap. 

C. Reload the Cisco IOS Software. 

D. Send an SMS. 

Answer: BC 


QUESTION 505 

On which three options can Cisco PfR base its traffic routing? (Choose three.) 

A. Time of day 

B. An access list with permit or deny statements 

C. Load-balancing requirements 

D. Network performance 

E. User-defined link capacity thresholds 

F. Router IOS version 

Answer: CDE 


QUESTION 506 

Which two routing protocols are not directly supported by Cisco PfR route control, and rely on the 
Cisco PfR subfeature PIRO? (Choose two.) 

A. BGP 

B. EIGRP 

C. Static routing 

D. OSPF 
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E. IS-IS 
Answer: DE 


QUESTION 507 

Which two options does Cisco PfR use to control the entrance link selection with inbound 
optimization? (Choose two.) 

A. Prepend extra AS hops to the BGP prefix. 

B. Advertise more specific BGP prefixes (longer mask). 

C. Add (prepend) one or more communities to the prefix that is advertised by BGP. 

D. Have BGP dampen the prefix. 

Answer: AC 


QUESTION 508 

While you are troubleshooting network performance issues, you notice that a switch is 
periodically flooding all unicast traffic. Further investigation reveals that periodically the switch is 
also having spikes in CPU utilization, causing the MAC address table to be flushed and 
relearned. What is the most likely cause of this issue? 

A. a routing protocol that is flooding updates 

B. a flapping port that is generating BPDUs with the TCN bit set 

C. STP is not running on the switch 

D. a user that is downloading the output of the show-tech command 

E. a corrupted switch CAM table 

Answer: B 


QUESTION 509 

Your network is suffering from regular outages. After troubleshooting, you learn that the transmit 
lead of a fiber uplink was damaged. Which two features can prevent the same issues in the 
future? (Choose two.) 

A. root guard 

B. loop guard 

C. BPDU guard 

D. UDLD 

E. BPDU skew detection 

Answer: BD 


QUESTION 510 

Which feature would prevent guest users from gaining network access by unplugging an IP 
phone and connecting a laptop computer? 

A. IPSecVPN 

B. SSL VPN 
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C. port security 

D. port security with statically configured MAC addresses 

E. private VLANs 

Answer: D 


QUESTION 511 

Which two statements are true about the role of split horizon? (Choose two.) 

A. It is a function used by routing protocols to install routes into routing table 

B. It is a function that prevents the advertising of routes over an interface that the router is using 
to reach a route 

C. Its function is to help avoid routing loops. 

D. It is a redistribution technique used by routing protocols 

Answer: BC 


QUESTION 512 

Refer to the exhibit. Which result will the EEM applet in the exhibit produce? 


event manager applet CCIE 

event timer cron name CCIE cron-entry */5 * * * * 
action 1 cli command "en" 
action 2 cli command "show log" 


A. The output of show version will be executed every 5 hours. 

B. The output of show log will be executed every 5 hours. 

C. The output of show log will be executed every Friday. 

D. The output of show log will be executed every 5 minutes. 

Answer: B 
Explanation: 

The cron entry indicates 5 hours. So the output of show log will be executed every 5 hours. 


QUESTION 513 

Which two events occur when a packet is decapsulated in a GRE tunnel? (Choose two.) 

A. The destination IPv4 address in the IPv4 payload is used to forward the packet. 

B. The TTL of the payload packet is decremented. 

C. The source IPv4 address in the IPv4 payload is used to forward the packet. 

D. The TTL of the payload packet is incremented. 

E. The version field in the GRE header is incremented. 

F. The GRE keepalive mechanism is reset. 

Answer: AB 


QUESTION 514 
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Refer to the exhibit. How will traffic be split between the routers, assuming that there are many 
hosts on this subnet? 


R100#show glbp 
EthernetO/O - Group 150 
State is Active 

Virtual IP address is 10.1.1.150 
Preemption enabled, min delay 0 sec 
Active is local 

Standby is 10.1.1.101, priority 100 (expires in 8.128 sec) 

Priority 150 (configured) 

Weighting 50 (configured 50), thresholds: lower 1, upper 50 
Load balancing: round-robin 
Group members: 

aabb.cc00.6400 (10.1.1.100) local 

aabb.cc00.6500 (10.1.1.1G*k ^—* 

There are 2 forwarders (1 active) 

Forwarder 1 

State is Active 

1 state change, last state change 00:07:56 
Redirection enabled 

Preemption enabled, min delay 30 sec 
Active is local, weighting 10 
Forwarder 2 

State is Listen 

Redirection enabled, 599.360 sec remaining (maximum 600 sec) 

Time to live: 14399.360 sec (maximum 14400 sec) 

Active is 10.1.1.101 (primary), weighting 30 (expires in 10.432 sec) 


A. All traffic will be sent to the primary router (10.1.1.100). 

B. Traffic will be split equally between the two routers (10.1.1.100 and 10.1.1.101). 

C. Traffic will be split 25% (10.1.1.101) / 75% (10.1.1.100) between the two routers. 

D. Traffic will be split 75% (10.1.1.101) / 25% (10.1.1.100) between the two routers. 

Answer: D 


QUESTION 515 

Refer to the exhibit. A packet from RTD with destination RTG, is reaching RTB. What is the path 
this packet will take from RTB to reach RTG? 
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RTA 

router ospf 1 

network 1.1.1.1 0.0.0.0 area C 
network 2.2.2.1 0.0.0.0 area C 
network 4.4.4.1 0.0.0.0 area 1 
network 5.5.5.1 0.0.0.0 area 1 


5.5.5.0/30/ 


4.4.4.0/30 


taSSfc 6.6.6.0/30 


m m 

m 

1.1.1.0/30 

OSPF AREA 0 

1.1.1.4/30 

- GJBZk. 2.2.2.0/30 


3.3.3.0/30 



OSPF AREA 1 


4.4.4.4/30 




saca 

7.7.7.0/30 







A. RTB-RTA-RTG 

B. RTB - RTD - RTC - RTA - RTG 

C. RTB - RTF - RTE - RTA - RTG 

D. RTB will not be able to reach RTG since the OSPF configuration is wrong. 

Answer: C 
Explanation: 

NOTE: I strongly suspect this question is wrong. There is no way to find the destination without 
additional information. So this is a wrong question. The exhibit doesn't provide enough 
information to calculate the path of the packet 


QUESTION 516 

Refer to the exhibit. Which path is selected as best path? 


Rl# show ip bgp 10.1.0.1 

BGP routing table entry for 10.1.0.0/16, version 11 
Paths: (2 available, best #?, table Default-IP-Routing-Table) 
Advertised to non peer-group peers: 

2 

65000 

10.168.30.4 (metric 74) from 3.3.3.3 (3.3.3.3) 

Origin IGP, metric 100, localpref 100, valid, internal 
65000 U 

10.168.20.4 from 192.168.20.4 (4.4.4.4) 

Origin IGP, metric 200, localpref 100, valid, external 


A. path 1, because it is learned from IGP 

B. path 1, because the metric is the lowest 

C. path 2, because it is external 

D. path 2, because it has the higher router ID 
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Answer: B 
Explanation: 

Metrics is a property of a route in computer networking, consisting of any value used by a routing 
protocol to determine whether one particular route should be chosen over another. The routing 
table stores only the best possible routes, while link-state or topological databases may store all 
other information as well. For example, Routing Information Protocol uses hopcount (number of 
hops) to determine the best possible route. The route will go in the direction of the gateway with 
the lowest metric (default gateway). 


QUESTION 517 

What is the first thing that happens when IPv6 is enabled on an interface on a host? 

A. A router solicitation is sent on that interface. 

B. There is a duplicate address detection on the host interface. 

C. The link local address is assigned on the host interface. 

D. A neighbor redirect message is sent on the host interface. 

Answer: B 
Explanation: 

Duplicate address detection (DAD) is used to verify that an IPv6 home address is unique on the 
LAN before assigning the address to a physical interface (for example, QDIO). 
z/OS Communications Server responds to other nodes doing DAD for IP addresses assigned to 
the interface. 


QUESTION 518 

What is the flooding scope of an OSPFv3 LSA, if the value of the S2 bit is set to 1 and the SI bit 
is set to 0? 

A. link local 

B. area wide 

C. AS wide 

D. reserved 

Answer: C 


QUESTION 519 

Refer to the exhibit. R1 is not learning about the 172.16.10.0 subnet from the BGP neighbor R2 
(209.165.202.130). What can be done so that R1 will learn about this network? 
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A. Disable auto-summary on R2. 

B. Configure an explicit network command for the 172.16.10.0 subnet on R2. 

C. Subnet information cannot be passed between IBGP peers. 

D. Disable auto-summary on R1. 

Answer: B 
Explanation: 

By default, BGP does not accept subnets redistributed from IGP. To advertise and carry subnet 
routes in BGP, use an explicit network command or the no auto-summary command. If you 
disable auto-summarization and have not entered a network command, you will not advertise 
network routes for networks with subnet routes unless they contain a summary route. 


QUESTION 520 

Refer to the exhibit. After a link flap in the network, which two EIGRP neighbors will not be 
queried for alternative paths? (Choose two.) 


rl3#show ip eigrp nei det 









IP 

-EIGRP neighbors for process 100 








H 

Address 

Interface 


Hold 

Uptime 

SRTT 

RTO 

Q 

Seq 





(sec) 


(ms) 

Cnt 

Num 

1 

192.168.1.1 

EtO/O 


9999 

' 00:20:26 

9 

200 

0 

9 


Version 12.4/1.2, Retrans: 0, Retries: 

0, 

Prefixes: 1 





4 

192.168.3.7 

EtO/2 


10 

00:21:07 

25 

200 

0 

27 


Version 12.4/1.2, Retrans: 0, Retries: 

0 








Stub Peer Advertising ( 

STATIC ) Routes 








Suppressing queries 









3 

192.168.3.8 

EtO/2 



00:21:26 

26 

200 

0 

25 


Version 12.4/1.2, Retrans: 0, Retries: 

0 








Stub Peer Advertising ( 

SUMMARY ) Routes 








Suppressing queries 









2 

192.168.3.6 /^>SC>y\X 

Restart time 00:33:14 

EtO/2 


14 

00:33:41 

16 

200 

0 

19 


Version 12.4/1.2, Retrans: 0, Retries: 

0, 

Prefixes: 1 





0 

192.168.2.1 

Restart time 00:33:14 

EtO/1 


9999 

' 00:43:06 

17 

200 

0 

6 


Version 12.4/1.2, Retrans: 2, Retries: 

Or 

Prefixes: 1 





5 

192.168.3.9 

Restart time 00:33:14 

EtO/2 


11 

00:33:41 

16 

200 

0 

19 


Version 12.4/1.2, Retrans: 0, Retries: 

0, 

Prefixes: 1 






A. 192.168.1.1 

B. 192.168.3.7 

C. 192.168.3.8 

D. 192.168.3.6 

E. 192.168.2.1 

F. 192.168.3.9 

Answer: BC 
Explanation: 

Both 192.168.3.7 & 192.168.3.8 are in an EIGRP Stub area 

The Enhanced Interior Gateway Routing Protocol (EIGRP) Stub Routing feature improves 
network stability, reduces resource utilization, and simplifies stub router configuration. Stub 
routing is commonly used in a hub and spoke network topology. In a hub and spoke network, one 
or more end (stub) networks are connected to a remote router (the spoke) that is connected to 
one or more distribution routers (the hub). The remote router is adjacent only to one or more 
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distribution routers. The only route for IP traffic to follow into the remote router is through a 
distribution router. This type of configuration is commonly used in WAN topologies where the 
distribution router is directly connected to a WAN. The distribution router can be connected to 
many more remote routers. Often, the distribution router will be connected to 100 or more remote 
routers. In a hub and spoke topology, the remote router must forward all nonlocal traffic to a 
distribution router, so it becomes unnecessary for the remote router to hold a complete routing 
table. Generally, the distribution router need not send anything more than a default route to the 
remote router. 

When using the EIGRP Stub Routing feature, you need to configure the distribution and remote 
routers to use EIGRP, and to configure only the remote router as a stub. Only specified routes 
are propagated from the remote (stub) router. The router responds to queries for summaries, 
connected routes, redistributed static routes, external routes, and internal routes with the 
message "inaccessible." A router that is configured as a stub will send a special peer information 
packet to all neighboring routers to report its status as a stub router. Any neighbor that receives a 
packet informing it of the stub status will not query the stub router for any routes, and a router that 
has a stub peer will not query that peer. The stub router will depend on the distribution router to 
send the proper updates to all peers. 


QUESTION 521 

Refer to the exhibit. Why is AS 65333 in parentheses? 


BGP table version is 11, local router 

ID is 192.168.3.2 


Status codes 

: s suppressed, d damped, 
r RIB-failure, S Stale 

h history, * valid, > best, i - internal, 

Origin codes 

: i - IGP, e - EGP, ? - incomplete 


Network 

Next Hop A /Z-A'j- 

Metric LocPrf Weight 

Path 

* 172.16.1. 

0/24 172.16.1.1 

0 100 0 

(65333) 62000 ? 

*>i 

JL^l68.2.1 

0 100 0 

62000 ? 


A. It is an external AS. 

B. It is a confederation AS. 

C. It is the AS of a route reflector. 

D. It is our own AS. 

E. A route map has been applied to this route. 

F. The BGP next hop is unreachable. 

Answer: B 
Explanation: 

The AS numbers that are part of the confederation are grouped between parentheses and are 
replaced by the confederation identifier (the real AS number) in nonconfederation eBGP 
sessions.. 


QUESTION 522 

Refer to the exhibit. Which action would make the router the active VRRP router? 
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Router#show vrrp 
EthernetO/O - Group 30 
State is Backup 

Virtual IP address is 10.1.1.30 
Virtual MAC address is 0000.5e00.Olle 
Advertisement interval is 1.000 sec 
Preemption enabled 
Priority is 45 (cfgd 100) 

Track object 1 state Down decrement 55 
Track object 2 state Up decrement 55 
Master Router is 10.1.1.101, priority is 50 
Master Advertisement interval is 1.000 sec 
Master Down interval is 3.414 sec (expires in 2.982 sec) 

Router#show run | inc track 

track 1 interface Seriall/0 line-protocol 

track 2 interface Seriall/1 line-protocol 


A. Recover interface Serial 1/0. 

B. Increase priority in the configuration to 100. 

C. Change the interface tracking priority to 100. 

D. Recover interface Serial 1/1. 

Answer: A 
Explanation: 

As VRRP Group 30 is configured with preemption all that is required is that the VRRP Priority be 
higher than that of the current active VRRP router and the current master router priority is 50. 


QUESTION 523 

Refer to the Exhibit. The displayed QoS configuration has been configured on a router. 

IPv6 is being implemented on the router, and it is required to convert the QoS policy to support 
both IPv4 and IPv6 on the same class. 

Which alternative configuration would allow matching DSCP AF41 for both IPv4 and IPv6 on the 
same class map? 


t 

class-map match-all CLASSl 
match ip dscp af41 

t 


A. Class-map match-all CLASSl 
Match dscp af41 

B. Class-map match-all CLASSl 
Match ip dscp af41 

Match ipv6 dscp af41 

C. Class-map match-any CLASSl 
Match ip dscp af41 

Match ipv6 dscp af41 

D. Class-map match-any CLASSl 
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Match qos-group af41 

Answer: A 

QUESTION 524 

Voice quality is bad due to high delay and jitter on a link. Which two actions will improve the 
quality of voice calls? (Choose two.) 

A. Increase the queue size of the voice class. 

B. Guarantee bandwidth during congestion to the voice class with a bandwidth command. 

C. Increase the tx-ring of the egress interface. 

D. Implement LLQ for the voice class. 

E. Decrease the rx-ring of the egress interface. 

F. Decrease the queue size of the voice class. 

Answer: DF 


QUESTION 525 

Refer to the exhibit. On what will the config class-map VOICE match? 

access-list 101 permit udp any any range 16384 32767 

l 


Class-map match-any 

VOICE 

Match access-group 

101 

Match ip dscp ef 



A. only on UDP traffic between port ranges 16384 and 32767 

B. only on DSCP EF traffic 

C. on UDP traffic between port ranges 16384 and 32767, and on DSCP EF traffic 

D. only on EF traffic that is UDP and within the UDP range of 16384 and 32767 

Answer: C 


QUESTION 526 

Refer to the exhibit. Assuming that the routing protocol for this network is EIGRP, if the link 
between R1 and R3 failed, what would R4 receive from R3? 





R2 


A. R4 would receive an update noting R3's higher cost to reach 172.30.1.0/24. 
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B. R4 would not receive any updates or queries, since R3 would simply move to the path through 
R2. 

C. R4 would receive a query, since R3 would mark 172.30.1.0/24 as active when the link between 
R1 and R4 failed. 

D. R4 would not receive any packets, since R3 is not using the link to R1 to reach 172.30.1.0/24. 

Answer: A 


QUESTION 527 

Which three statements accurately describe a link-state routing protocol? (Choose three.) 

A. Each router sends routing information to all nodes in the flooding domain. 

B. Each router sends all or some portion of its routing table to neighboring routers. 

C. Each router individually builds a picture of the entire flooding domain. 

D. Each router has knowledge of all other routers in the flooding domain. 

E. Each router is only aware of neighboring routers. 

F. Each router installs routes directly from the routing updates into the routing table. 

Answer: ACD 


QUESTION 528 

Refer to the exhibit. What is true about the configuration in this exhibit? 


class-map type inspect match-all cl 
match access-group 101 
match protocol http 
policy-map type inspect pi 
class type inspect cl 
drop 


A. It is an invalid configuration because it includes both an application layer match and and a 
Layer 3 ACL. 

B. It will create a class map that matches the content of ACL 101 and the HTTP protocol, and will 
then create an inspection policy that will drop packets at the class map. 

C. It will create a class map that matches the content of ACL 101 and the HTTP protocol, and will 
then create an inspection policy that will allow packets at the class map. 

D. It will create a class map that matches the content of ACL 101 or the HTTP protocol (depending 
on the zone of the interface), and will then create an inspection policy that will drop packets at the 
class map. 

E. It will create a class map that matches the content of ACL 101 or the HTTP protocol (depending 
on the zone of the interface), and will then create an inspection policy that will allow packets at the 
class map. 

F. It is an invalid configuration because the class map and policy map names must match. 

Answer: B 


QUESTION 529 

Refer to the exhibit. You are trying to police down to 100 Mb/s. While testing, you notice that you 
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rarely exceed 70-80 Mb/s. What do you need to change in your MQC configuration to allow for 
100 Mb/s speeds? 





10.1.2.1/24 

GiO/2 


10.1.1.1/24 

Gi0/1 


Switch# shQ w_ i[ pqJ(3l5yc5talp) O v 
PolipyVMara 
Glass Glass-default 
tpblice cir lOOOOCOCO be 1250C00 
conform-action transmit 
exceed-action drop 



A. Change the CIR value from 100 Mb/s to 200 Mb/s. 

B. Change the Be value to allow for a large enough burst. 

C. Change the QoS queue from default to priority. 

D. Change the exceed-action to transmit. 

Answer: B 
Explanation: 

Burst size-Also called the Committed Burst (Be) size, it specifies in bits (or bytes) per burst how 
much traffic can be sent within a given unit of time to not create scheduling concerns. (For a 
shaper, such as GTS, it specifies bits per burst; for a policer, such as CAR, it specifies bytes per 
burst.) 


QUESTION 530 

Which feature would prevent guest users from gaining network access by unplugging an IP 
phone 

and connecting a laptop computer? 

A. IPSecVPN 

B. SSL VPN 

C. port security 

D. port security with statically configured MAC addresses 

E. private VLANs 

Answer: D 


QUESTION 531 

Which three statements about VTP version 3 are true? (Choose three.) 

A. It supports other databases in addition to VLAN. 

B. It supports VLANs up to 4095. 

C. It supports the synchronization of switch configuration templates between switches in the domain. 

D. It supports the transfer of information about private VLAN structures. 
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E. It supports the transfer of PVST+ configuration information. 

F. It supports RSTP. 

Answer: ABD 


QUESTION 532 

In an STP domain, which two statements are true for a nonroot switch, when it receives a 
configuration BPDU from the root bridge with the TC bit set? (Choose two.) 

A. It sets the MAC table aging time to max_age + forward_delay time. 

B. It sets the MAC table aging time to forward_delay time. 

C. It recalculates the STP topology upon receiving topology change notification from the root switch. 

D. It receives the topology change BPDU on both forwarding and blocking ports. 

Answer: BD 


QUESTION 533 

Which two statements about RSTP and MSTP BPDUs are true? (Choose two.) 

A. MSTP switches can detect boundary ports when they receive RSTP version 2 BPDUs. 

B. MSTP switches can detect boundary ports when they receive RSTP version 1 BPDUs. 

C. RSTP switches can process MSTP version 3 BPDUs. 

D. When all boundary switches are running RSTP, MST sends only version 0 configuration BPDUs. 
Answer: AC 


QUESTION 534 

Which three options are sources from which a SPAN session can copy traffic? (Choose three.) 

A. ports 

B. EtherChannels 

C. VLANs 

D. subnets 

E. primary IP addresses 

F. secondary IP addresses 

Answer: ABC 


QUESTION 535 

Which three capabilities are provided by MLD snooping? (Choose three.) 

A. dynamic port learning 

B. IPv6 multicast router discovery 

C. user-configured ports age out automatically 

D. a 5-minute aging timer 

E. flooding control packets to the egress VLAN 

F. a 60-second aging timer 
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Answer: ABD 


QUESTION 536 

Refer to the exhibit. Which two statements about the implementation are true? (Choose two.) 


Interface SetialO/1 
ppp nultilink 
multilink-group 2 
ppp nultilink interleave 
ppp nultilink multiclass 


A. The PPP multilink protocol header is omitted on delay-sensitive packets. 

B. The maximum number of fragments is 1. 

C. Small real-time packets are multilink-encapsulated. 

D. A transmit queue is provided for smaller packets. 

Answer: AD 


QUESTION 537 

Which two statements are characteristics of Ethernet private LAN circuits? (Choose two.) 

A. They support communication between two or more customer endpoints. 

B. They utilize more than one bridge domain. 

C. They support point-to-multipoint EVC. 

D. They support multipoint-to-multipoint EVC. 

Answer: AD 


QUESTION 538 

Which two statements about Inverse ARP are true? (Choose two.) 

A. It uses the same operation code as ARP. 

B. It uses the same packet format as ARP. 

C. It uses ARP stuffing. 

D. It supports static mapping. 

E. It translates Layer 2 addresses to Layer 3 addresses. 

F. It translates Layer 3 addresses to Layer 2 addresses. 

Answer: BE 


QUESTION 539 

Refer to the exhibit. R3 is failing to join the multicast group 224.1.1.1 that is sourcing from R1. 
Which two actions can you take to allow multicast traffic to flow correctly? (Choose two.) 
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interface GigabitCthernetO/O 
ip address 152.168,1.1 255.255.255.248 
ip pirn sparse-MOde 
interface TunneilO 
tunnel-source GigabitEthernetO/O 
tunnel-destination 10.2.2.3 
ip address 172.28.8.1 255.255.255.248 
ip pirn sparse-mode 
router ospf 1 

network 152.168.1.1 0.0.0.0 area 0 
ip mroute 224.1.1.0 255.255.255.0 172.28.8.2 

R2 

interface GigabitEthernet0/0 

ip address 152.163.1.2 255.255.255.248 

ip pin sparse-mode 

interface GigabitEthernetO/1 

ip address 10.2.2.2 255.255.255.248 

ip pim sparse-mode 

router ospf 1 

network 0.0.0.0 255.255.255.255 area 0 



R3 

interface GigabitEthernetO/0 

ip address 10.2.2.3 255.255.255.248 

ip pim sparse-mode 

ip igmp join-group 224.1.1.1 

interface TunneilO 

tunnel-source GigabitEthernetO/0 

tunnel-destination 152.168.1.1 

ip address 172.28.8.3 255.255.255.248 

ip pim sparse-mode 

router ospf 1 

network 10.2.2.3 0.0.0.0 area 0 


A. Remove the static multicast route on R1. 

B. Configure OSPF on R1 and R3 to include the tunnel interfaces. 

C. Add an additional static multicast route on R2 for multicast group 224.1.1.1 toward R3. 

D. Replace the static multicast route on R1 to send traffic toward R2. 

E. Remove the static unicast route on R1. 

F. Add an additional static unicast route on R2 toward the loopback interface of R3. 

Answer: AB 


QUESTION 540 

Which two modes of operation does BFD support? (Choose two.) 

A. synchronous mode 

B. asynchronous mode 

C. demand mode 

D. echo mode 

E. aggressive mode 

F. passive mode 

Answer: BC 
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QUESTION 541 

Which two loop-prevention mechanisms are implemented in BGP? (Choose two.) 

A. A route with its own AS in the AS_PATH is dropped automatically if the route reenters its own AS. 

B. A route with its own cluster ID in the CLUSTERJJST is dropped automatically when the route 
reenters its own AS. 

C. The command bgp allowas-in enables a route with its own AS_PATH to be dropped when it 
reenters its own AS. 

D. The command bgp bestpath as-path ignore enables the strict checking of AS_PATH so that they 
drop routes with their own AS in the AS_PATH. 

E. The command bgp bestpath med missing-as-worst assigns the smallest possible MED, which 
directly prevents a loop. 

Answer: AB 


QUESTION 542 

Refer to the exhibit. RIPv2 authentication is failing on a device with this configuration. Which two 
actions can you take to enable it? (Choose two.) 


key chain kcl 
key 1 

key-string ripauth 
interface SerialO 

ip address 10.i.1.1 255.255.2SS.252 
ip tip authentication key-chain kcl 
router rip 
version 2 
network 10.0.0.0 


A. Set the RIP authentication mode to text. 

B. Set the RIP authentication mode to MD5. 

C. Configure the password encryption for the key. 

D. Set the password encryption to AES. 

Answer: AB 


QUESTION 543 

Which three routing protocols utilize TLVs? (Choose three.) 

A. BGP 

B. IS-IS 

C. ODR 

D. OSPF 

E. EIGRP 

F. RIP 

Answer: ABE 
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QUESTION 544 

Which two statements about the command distance bgp 90 60 120 are true? (Choose two.) 

A. Implementing the command is a Cisco best practice. 

B. The external distance it sets is preferred over the internal distance. 

C. The internal distance it sets is preferred over the external distance. 

D. The local distance it sets may conflict with the EIGRP administrative distance. 

E. The internal distance it sets may conflict with the EIGRP administrative distance. 

F. The local distance it sets may conflict with the RIP administrative distance. 

Answer: CF 


QUESTION 545 

Refer to the exhibit. Route exchange is failing on a PE edge device configured with this VRF-Lite. 
Which action can you take to correct the problem? 


vrf definition vl 
rd 1:1 

address-family ipv4 
exit-addres s-family 
address-family ipv6 
exit-addres s-family 

vrf definition v2 
rd 2:2 

address-family ipv6 
exit-address-f amily 

interface FastEthernetO/O 
no ip address 

interface FastEthernetO/0.100 
encapsulation dotlQ 100 
vrf forwarding vl 

ip address 192.168.1.1 255.255.255.0 
ipv€ enable 
ospfv3 1 ipv€ area 0 
ospfv3 1 ipv4 area 0 
interface FastEthernetO/0.200 
encapsulation dotlQ 200 
vrf forwarding v2 
ipv6 enable 
ospfv3 1 ipv6 area 0 
interface FastEthernetO/1 
vrf forwarding vl 
ip address 10.1.1.1 255.255.255.0 
ipv6 enable 
ospfv3 1 ipv6 area 1 
ospfv3 1 ipv4 area 0 
no keepalive 

interface FastEthernetO/2 
vrf forwarding v2 
no ip address 

ipv6 address 2001:DBS:1::1 

ipv6 enable 

ospfv3 1 ipv6 area 1 


router ospfv3 1 

add re33- family ipv€ unica3t vrf v2 
router-id 192.168.2.1 
exit-address-family 

address-family ipv4 unicast vrf vl 
router-id 192.168.1.4 
exit-address-family 

address-family ipv6 unicast vrf vl 
router-id 192.168.1.1 
exit-address-family 


A. Configure the vrf-lite capability under the OSPF address families. 
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B. Correct the route descriptors. 

C. Correct the OSPF router-ids. 

D. Configure the control plane with a larger memory allocation to allow the device to appear in the 
routing table. 

Answer: A 


QUESTION 546 

Refer to the exhibit. Which option is the result of this configuration? 


router ospt 1 

network 152.168.10.0 0.0.0.255 area 0 
network 172.22.15.0 0.0.0.255 area 15 
area 15 range 152.168.0.0 255.255.0.0 not-adveitise 


A. Devices in OSPF area 15 can reach the summary route 192.168.0.0/16 and its more specific 
subnets. 

B. Devices in OSPF area 15 can reach only the more specific routes of 192.168.0.0/16. 

C. Devices in OSPF area 0 can reach the summary route 192.168.0.0/16 and its more specific 
subnets. 

D. Devices in OSPF area 0 can reach only the summary route of 192.168.0.0/16. 

Answer: A 


QUESTION 547 

Which two technologies are supported by EIGRP? (Choose two.) 

A. clear-text authentication 

B. MD5 authentication 

C. stub routing 

D. multiple areas 

Answer: BC 


QUESTION 548 

How does having an EIGRP feasible successor speed up convergence? 

A. EIGRP sends queries only if there is a feasible successor, which decreases the number of routers 
that are involved in convergence. 

B. EIGRP sends queries only if there is not a feasible successor, which causes less control traffic to 
compete with data. 

C. EIGRP immediately installs the loop-free alternative path in the RIB. 

D. EIGRP preinstalls the feasible successor in the RIB in all cases, which causes traffic to switch 
more quickly. 

Answer: C 
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QUESTION 549 

Which two options are ways in which an OSPFv3 router handles hello packets with a clear 
address-family bit? (Choose two.) 

A. IPv4 unicast packets are discarded. 

B. IPv6 unicast packets are discarded. 

C. IPv4 unicast packets are forwarded. 

D. IPv6 unicast packets are forwarded. 

Answer: AD 


QUESTION 550 

Which two statements about OSPF route types are true? (Choose two.) 

A. The cost of an external type 2 route is the sum of the external and internal costs. 

B. The cost of an external type 2 route is the same as the external cost. 

C. Intra-area routes originate outside of their area. 

D. Inter-area routes originate inside their area. 

E. The cost of an external type 1 route is the same as the internal cost. 

F. For routes to the same destination, external type 1 routes are preferred over external type 2 
routes. 

Answer: BF 


QUESTION 551 

A company is multihomed to several Internet providers using EBGP. Which two measures 
guarantee that the network of the company does not become a transit AS for Internet traffic? 

(Choose two.) 

A. Prepend three times the AS number of the company to the AS path list. 

B. Add the community NO_EXPORT when sending updates to EBGP neighbors. 

C. Write AS-path access-list which permits one AS long paths only and use it to filter updates sent to 
EBGP neighbors. 

D. Add the community NO_EXPORT when receiving updates from EBGP neighbors. 

Answer: CD 


QUESTION 552 

Which BGP feature allows a router to maintain its current BGP configuration while it advertises a 
different AS number to new connections? 

A. local-AS 

B. next-hop-self 

C. allow-AS in 

D. soft reset 

Answer: A 
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QUESTION 553 

Which problem can result when private AS numbers are included in advertisements that are sent 
to the global Internet BGP table? 

A. The prefixes sent with private AS numbers are always discarded on the Internet. 

B. The prefixes sent with private AS numbers are always tagged as invalid on the Internet. 

C. The prefixes sent with private AS numbers lack uniqueness, which can lead to a loss of 

connectivity. 

D. The prefixes sent with private AS numbers are sometimes tagged as invalid on the Internet. 

Answer: C 

QUESTION 554 

Which two statements about the BGP community attribute are true? (Choose two.) 

A. Routers send the community attribute to all BGP neighbors automatically. 

B. A router can change a received community attribute before advertising it to peers. 

C. It is a well-known, discretionary BGP attribute. 

D. It is an optional transitive BGP attribute. 

E. A prefix can support only one community attribute. 

Answer: BD 


QUESTION 555 

Refer to the exhibit. Which AS paths are matched by this access list? 


ip as-parh acce33-list 1 permit *64496_[0-9]*$ 


A. the origin AS 64496 only 

B. the origin AS 64496 and any ASs after AS 64496 

C. the directly attached AS 64496 and any ASs directly attached to AS 64496 

D. the directly attached AS 64496 and any longer AS paths 

Answer: C 


QUESTION 556 

Which two features improve BGP convergence? (Choose two.) 

A. next-hop address tracking 

B. additional paths 

C. advertise map 

D. communities 

E. soft reconfiguration 

Answer: AB 
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QUESTION 557 

Refer to the exhibit. The spokes of the DMVPN with the given configuration are having QoS 
issues. 

Which two actions can you take to resolve the problem? (Choose two.) 


crypto isakmp policy 1 

authentication pre-share 
crypto isakmp key dmvpn address 0.0.0.0 0.0.0.0 

crypto ipsec transform-set vpntrans ah-sha-hmac esp-aes 25c esp-sha-hmac 
crypto ipsec profile DHYPN-PP.QF 
set transform-set vpntrans 

policy-map SHAPE 

class class-default 
shape average 200000 

interface LoopbackO 

ip address 10.1.1.1 255.255.255.0 

interface TunnelO 

ip address 192.168.1.1 255.255.255.0 

no ip next-hop-self eigrp 1 

ip nhrp authentication dmvpn 

ip nhrp map multicast dynamic 

ip nhrp network-id 99 

ip tcp adjust-mss 1360 

no ip split-horizon eigrp 1 

tunnel source Senall/0 

tunnel mode gre multipoint 

tunnel protection ipsec profile DMVPN-PR0F 

interface Senall/0 

ip address 172.16.1.1 255.255.255.248 
encapsulation frame-relay 
frame-relay inverse-arp 

router eigrp 1 

network 10.0.0.0 
network 192.168.1.0 


A. Configure qos pre-classify on the tunnel interface. 

B. Configure an NHRP group on the tunnel interface and associate it to a QoS policy. 

C. Modify the configuration of the IPsec policy to accept QoS policies. 

D. Manually configure a QoS policy on the serial interface. 

E. Configure the bandwidth statement on the tunnel interface. 

F. Configure the bandwidth statement on the serial interface. 

Answer: AB 


QUESTION 558 

Which three statements about the route preference of IS-IS are true? (Choose three.) 
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A. An LI path is preferred over an L2 path. 

B. An L2 path is preferred over an LI path. 

C. Within each level, a path that supports optional metrics is preferred over a path that supports only 
the default metric. 

D. Within each level of metric support, the path with the lowest metric is preferred. 

E. The Cisco IS-IS implementation usually performs equal cost path load balancing on up to eight 
paths. 

F. Both LI and L2 routes will be installed in the routing table at the same time. 

Answer: ACD 


QUESTION 559 

Refer to the exhibit. Which three statements about the R1 configuration are true? (Choose three.) 


Rl#shov mpls 12transport vc 1611 detail 

Local interface: Gi4/0/2 up, line protocol up, Eth VLAN 1611 up 
Destination address: 172.16.12.70, VC ID: 1611, VC status: down 
Output interface: none, imposed label stack () 

Preferred path: not configured 
Default path: no route 
No adjacency 

Create time: 4v2d, last status change time: 4v2d 
Signaling protocol: LDP, peer 172.16.12.70:0 up 

Targeted Hello: 172.16.152.80<LDP Id) -> 172.16.12.70 

Status TLV support (local/remote} : enabled/unknown (no remote binding) 

Label/status state machine : local ready, LruPnd 

Last local dataplane status rcvd: no fault 

Last local SSS circuit status rcvd: no fault 

Last local SSS circuit status sent: not sent 

Last local LDP TLV status sent: no fault 

Last remote LDP TLV status rcvd: unknown (no remote binding) 

MPLS VC labels: local 4006, remote unassigned 
Group ID: local 0, remote unknown 
MTU: local 1S00, remote unknown 
Remote interface description: 

Sequencing: receive disabled, send disabled 
VC statistics: 

packet totals: receive 0, send 0 
byte totals: receive 0, send 0 

packet drops: receive 0, seq error 0, send 0 


A. The virtual circuit identifier is 1611 and the virtual circuit is down. 

B. The local label for the circuit is 4006. 

C. The targeted LDP session to the remote peer is up. 

D. The local label for the circuit is 1611. 

E. The virtual circuit identifier is 4006 and the virtual circuit is down. 

F. The circuit is using MPLS VC type 4. 

Answer: ABC 
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QUESTION 560 

Which two statements about 6VPE are true? (Choose two.) 

A. It allows a service provider to use an existing MPLS network to provide VPN services to IPv6 
customers. 

B. It uses MP-BGP as the carrier protocol to transport IPv6 connectivity. 

C. It provides IPv6 connectivity to MPLS-VPN customers when IPv6 overlay tunneling is also 
configured. 

D. It allows a service provider to use an existing MPLS network to provide global addressing to their 
IPv6 customers. 

E. It requires the configuration of a GRE tunnel tagged with a VLAN ID. 

F. It allows a service provider to use an existing L2TPv3 network to provide VPN services to IPv6 
customers. 

Answer: AB 


QUESTION 561 

Which statement about OTV is true? 

A. The overlay interface becomes active only when configuration is complete and it is manually 
enabled. 

B. OTV data groups can operate only in PIM sparse-mode. 

C. The overlay interface becomes active immediately when it is configured. 

D. The interface facing the OTV groups must be configured with the highest MTU possible. 

Answer: A 


QUESTION 562 

Refer to the exhibit. Which two configuration changes enable the user admin to log in to the 
device? (Choose two.) 


username admin privilege 15 password 5ECUREPASSV0PD 
aaa new-model 

aaa authentication login default group tacacs-t- local-case 
aaa authentication enable default group tacacs+ enable 
aaa authorization console 

aaa authorization exec default group tacacs-t- if-authenticated 

aaa authorization commands 1 default group tacacs-t- local lf-authenticated 

aaa authorization commands 4 default group tacacs-t- if-authenticated 

aaa authorization commands 15 default group tacacs-t- local if-authenticated 

aaa accounting exec default start-stop group tacacs+ 

aaa accounting commands 1 default start-stop group tacacs-t- 

aaa accounting commands IS default start-stop group tacacs-t- 

aaa session-id common 


A. Configure the login authentication to be case-insensitive. 

B. Configure the user admin with a password and appropriate privileges. 

C. Configure the login authentication to be case-sensitive. 

D. Modify the configuration to use a named group. 
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E. Configure additional login authentication under the terminal lines. 

Answer: AB 


QUESTION 563 

Which two advantages does CoPP have over receive path ACLs? (Choose two.) 

A. Only CoPP applies to IP packets and non-IP packets. 

B. Only CoPP applies to receive destination IP packets. 

C. A single instance of CoPP can be applied to all packets to the router, while rACLs require multiple 
instances. 

D. Only CoPP can rate-limit packets. 

Answer: AD 


QUESTION 564 

Which command drops packets with unknown source addresses until you remove a sufficient 
number of secure MAC addresses to drop below the maximum value, and also causes the 
Security Violation counter to increment? 

A. switchport port-security violation protect 

B. switchport port-security violation drop 

C. switchport port-security violation shutdown 

D. switchport port-security violation restrict 

Answer: D 


QUESTION 565 

Which two tasks are required for configuring SNMP to send traps on a Cisco IOS device? 
(Choose two.) 

A. Create access controls for an SNMP community. 

B. Configure SNMP notifications. 

C. Configure the SNMP agent. 

D. Configure SNMP status monitoring and troubleshooting. 

E. Configure SNMP server group names. 

F. Configure the SNMP server engine ID. 

Answer: AB 


QUESTION 566 

Which two statements about SNMP traps are true? (Choose two.) 

A. They are sent by an agent after a specified event. 

B. They are sent when solicited after a specified event. 

C. They are equivalent to a community string. 

D. They provide solicited data to the manager. 

E. They are sent by a management station to an agent. 

F. Vendor-specific traps can be configured. 
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Answer: AF 


QUESTION 567 

A configuration includes the line ip nbar port-map SSH tcp 22 23 443 8080. Which option 
describes the effect of this configuration line? 

A. It configures NBAR to search for SSH using ports 22, 23, 443, and 8080. 

B. It configures NBAR to allow SSH connections only on ports 22, 23, 443, and 8080. 

C. It enables NBAR to inspect for SSH connections. 

D. It creates a custom NBAR port-map named SSH and associates TCP ports 22, 23, 443, and 8080 
to itself. 

Answer: A 


QUESTION 568 

Which configuration sets a minimum quality of service on a Layer 2 access switch? 


A. 

mis 

qos 

cos override 


mis 

qos 

cos 2 

B. 

mis 

qos 

cos 2 

C. 

mis 

qos 

trust cos 


mis 

qos 

cos 2 

D. 

mis 

qos 

trust cos 

E. 

mis 

qos 

trust dscp 


Answer: A 


QUESTION 569 

Which three statements about GLBP are true? (Choose three.) 

A. It uses a virtual MAC address that starts with 0070.b4. 

B. It elects a single active virtual gateway to appoint and manage multiple active virtual forwarders. 

C. It allows the configured virtual IP address to be used on a physical interface as well. 

D. It uses a virtual MAC address that starts with 0070.4b. 

E. It elects multiple active virtual gateways to appoint and manage a single active virtual forwarder. 

F. Preemption is enabled for the configured active virtual gateway by default. 

Answer: ABC 


QUESTION 570 

Refer to the exhibit. If the route to 10.1.1.1 is removed from the R2 routing table, which server 
becomes the master NTP server? 
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R2#shov run I include ntp 
nrp server 10.1.1.1 prefer 
ntp server 10.3.3.3 
ntp server 10.4.4.4 


A. R2 

B. the NTP server at 10.3.3.3 

C. the NTP server at 10.4.4.4 

D. the NTP server with the lowest stratum number 

Answer: D 


QUESTION 571 

Refer to the exhibit. Which feature can R1 use to fail over from R2 to R3 if the address for R2 
becomes unavailable? 



A. object tracking 

B. HSRP 

C. GLBP 

D. LACP 

Answer: A 


QUESTION 572 

Refer to the exhibit. Which two options are effects of the given configuration? (Choose two.) 
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Routerlfshow run 
interface FastEthetnetO/O 

lp address 10.20.10.1 255.255.255.0 
lp route-cache flov 

ip flow-export version 5 origm-as 
ip flow-export destination 209.165.200.227 49152 


A. It sets the data export destination to 209.165.200.227 on UDP port 49152. 

B. It enables Cisco Express Forwarding on interface FastEthernet0/0. 

C. It configures the export process to include the BGP peer AS of the router gathering the data. 

D. It enables NetFlow switching on interface FastEthernetO/O. 

E. It sets the data export destination to 209.165.200.227 on TCP port 49152. 

Answer: AD 


QUESTION 573 

Which three options are components of an EEM CLI policy? (Choose three.) 

A. Safe-Tcl 

B. applet name 

C. FastTcl 

D. event 

E. action 

F. Tel bytecode 

Answer: BDE 


QUESTION 574 

Which option is a core event publisher for EEM? 

A. Timer 

B. Policy Director 

C. Applet 

D. Script 

Answer: A 


QUESTION 575 

Refer to the exhibit. You are configuring the SI switch for the switch port that connects to the 
client computer. Which configuration blocks users on the port from using more than 6 Mbps of 
traffic and marks the traffic for a class of service of 1 ? 
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A. 


B. 


class-map match-all cosl 
match any 
policy-map ccsl 
class cosl 
3et cosl 

police cir 6000000 be 1125000 be 2250000 ccnfonn-action 
set-dsep-transmit csl exceed-action drop 
violate-action drop 


cla 33 -map match-any ccsl 
match any 
policy-map cosl 
class cosl 

police cir 6000000 be 1125000 be 2250000 conform-action 
3et-dscp-transmit C3l exceed-action drop 
violate-action drop 


C. 


cla3s-map match-all ccsl 
match any 
policy-map cosl 
class cosl 
set cosl 

policy cir 6000000 conform-action set-dsep-transmit csl 
exceed-action permit violate-action permit 


D. 


class-map match-any ccsl 
match any 
policy-map cosl 
class cosl 
set ccsl 

policy cir 6000000 conform-action transmit exceed-action 
permit violate-action drop 
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Answer: A 


QUESTION 576 

A TCP/IP host is able to transmit small amounts of data (typically less than 1500 bytes), but 
attempts to transmit larger amounts of data hang and then time out. What is the cause of this 
problem? 

A. A link is flapping between two intermediate devices. 

B. The processor of an intermediate router is averaging 90 percent utilization. 

C. A port on the switch that is connected to the TCP/IP host is duplicating traffic and sending it to a port 
that has a sniffer attached. 

D. There is a PMTUD failure in the network path. 

Answer: D 


QUESTION 577 

Refer to the exhibit. ICMP Echo requests from host A are not reaching the intended destination 
on host B. What is the problem? 


Internet Protocol Version 4, Src: 10.145.4.110 (10.145.4.110), Dst: 152.168.3.1 (152.168.3.1) 

Version: 4 

Header length: 20 bytes 

Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport)) 
Total Length: 60 
Identification: 0x64ac (25772) 

Flags: 0x00 
Fragment offset: 0 
Time to live: 1 
Protocol: ICMP (1) 

Header checksum: 0x3265 [correct] 

Source: 10.145.4.110 (10.145.4.110) 

Destination: 152.168.3.1 (152.168.3.1) 

Internet Control Message Protocol 
Type: 8 (Echo (ping) request) 

Code: 0 

Checksum: 0x4d3d [correct] 

Identifier (3E): 1 (0x0001) 

Identifier (LE): 256 (0x0100) 

Sequence number (BE): 30 (OxOOle) 

Sequence number (LE): 7680 (OxleOO) 

Data (32 bytes) 

0000 61 62 63 64 65 66 67 63 65 6a 6b 6c 6d 6e 6f 70 abcdefghijklmnop 

0010 71 72 73 74 75 76 77 61 62 63 64 65 66 67 68 65 qrstuvwabcdefghi 

Data: 6162636465666768656a6b6c6d6e6f707172737475767761... 

[Length: 32] 


A. The ICMP payload is malformed. 

B. The ICMP Identifier (BE) is invalid. 

C. The negotiation of the connection failed. 

D. The packet is dropped at the next hop. 

E. The link is congested. 

Answer: D 


QUESTION 578 

Refer to the exhibit. Which statement is true? 
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R101#show ip 

Srclf 

cache flow 







SrcIPaddress 

Dstlf 

DstIPaddress 

Pr 

SrcP 

DstP 

Pkts 

EtO/O 

10.0.0.1 

EtO/O 

15.0.0.2 

01 

0000 

0800 

2603 


A. It is impossible for the destination interface to equal the source interface. 

B. NAT on a stick is performed on interface EtO/O. 

C. There is a potential routing loop. 

D. This output represents a UDP flow or a TCP flow. 

Answer: C 


QUESTION 579 

Which three conditions can cause excessive unicast flooding? (Choose three.) 

A. Asymmetric routing 

B. Repeated TCNs 

C. The use of HSRP 

D. Frames sent to FFFF.FFFF.FFFF 

E. MAC forwarding table overflow 

F. The use of Unicast Reverse Path Forwarding 

Answer: ABE 


QUESTION 580 

Refer to the exhibit. R10 in area 3 is not able to reach EIGRP routes that have been redistributed 
into OSPF on R7. 

Which two actions can be taken to resolve this issue, while maintaining connectivity to BGP 
routes that are redistributed on rl 1 ? (Choose two) 



A. Change area 3 from NSSA to a stub area. 

B. Change area 3 from NSSA to a totally stubby area. 
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C. Change area 3 from NSSA to a normal area. 

D. Change area 3 from NSSA to an NSSA totally stub area. 

Answer: CD 


QUESTION 581 

Refer to the exhibit. A host on the Internet (150.1.1.1) must be represented to the internal network 
as a local IP address. While testing, the configuration does not seem to work. 

What is wrong? 


ip nat inside source static 10.1.1.1 200.1.1.1 

ip nat outside source static 1C. 1.1. ICO 15C. 1.1.1 

j 

interface EthernetC/C 
ip address 10.1.1.10 255.255.255.0 
ip nat inside 

i 

interface SerialO/C 
ip address 120.16.2.1 255.255.255.C 
ip nat outside 

j 

ip route 10.1.1.10C 255.255.255.255 120.16.2.2 


A. The nat inside translation is incorrect. 

B. The static route is incorrect. 

C. The nat outside translation is incorrect. 

D. Instead of source nat, destination nat should be used on the inside. 

E. The problem is not related to NAT configuration. The NAT configuration is correct. 

Answer: C 


QUESTION 582 

Which congestion-avoidance or congestion-management technique can cause global 
synchronization? 

A. Tail drop 

B. Random early detection 

C. Weighted random early detection 

D. Weighted fair queuing 

Answer: A 


QUESTION 583 

Which group of neighbors can be configured as a BGP peer group? 

A. a group of iBGP neighbors that have the same outbound route policies 

B. a group of iBGP and eBGP neighbors that have the same inbound distribute-list 
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C. a group of eBGP neighbors in the same autonomous system that have different outbound route policies 

D. a group of iBGP neighbors that have different outbound route policies 

Answer: A 


QUESTION 584 

Refer to the exhibit. Notice that debug ip bgp updates has been enabled. What can you conclude 
from the debug output? 


BGP(O): 10.1.3.4 rcvd UPDATE w/ attr: nexthop 10.1.3.4, origin i, 
metric 0, merged path 4, AS_PATH 

BGP(O): 10.1.3.4 rcvd 10.100.1.1/32 ... duplicate ignored 


A. This is the result of the clear ip bgp 10.1.3.4 in command. 

B. This is the result of the clear ip bgp 10.1.3.4 out command. 

C. BGP neighbor 10.1.3.4 performed a graceful restart. 

D. BGP neighbor 10.1.3.4 established a new BGP session. 

Answer: A 


QUESTION 585 

In the DiffServ model, which class represents the lowest priority with the lowest drop probability? 

A. AF11 

B. AF13 

C. AF41 

D. AF43 

Answer: A 


QUESTION 586 

Which set of commands conditionally advertises 172.16.0.0/24 as long as 10.10.10.10/32 is in the 
routing table? 


A. 


neighbor x.x.x.x advertise-map ADV exist-map EXT 
route-map ADV 

match IP address prefix-list ADV 


j 

route-map EXT 

match IP address prefix-list EXT 
ip prefix-list EXT permit 172.16.0.0/24 

I 

ip prefix-list ADV permit 10.10.10.10/32 
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neighbor x.x.x.x advertise-map ADV exist-map EXT 
route-map ADV 

match IP address prefix-list ADV 

; 

route-map EXT 

match IP address prefix-list EXT 

j 

ip prefix-list ADV permit 172.16.0.0/24 

j 

ip prefix-list EXT permit 10.10.10.10/32 


neighbor x.x.x.x advertise-map ADV 
noute-map ADV 

match IP address prefix-list ADV 
match IP address prefix-list EXT 

ip prefix-list ADV permit 172.16.0.0/24 

j 

ip prefix-list EXT permit 10.10.10.10/32 


neighbor x.x.x.x advertise-map ADV 
noute-map ADV 

match IP address prefix-list ADV 
match IP address prefix-list EXT 

i 

ip prefix-list ADV permit 172.16.0.0/24 

j 

ip prefix-list EXT permit 10.10.10.10/32 


Answer: B 


QUESTION 587 

Refer to the exhibit. Why is R2 unable to ping the loopback interface of R4? 


Get Latest & Actual Amazon Exam's Question and Answers from Passleader. 


http://www.passleader.com 


226 

















Pass Leader’ 

Leader of IT Certifications 


BGP AS65001 



R2#sh ip bgp 



BGP table version is 4, local router ID is 2.2.2.2 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal. 

r RIB-failure, S Stale 



Origin codes: i - IGP, e - EGP, ? 

■ incomplete 

Network Next Hop 

Metric LocPrf Weight Path 

*> 1.1.1.0/24 10.1.12.1 

0 

0 65105 i 

*> 2.2.2.0/24 0.0.0.0 

0 

32768i 

*>i3.3.3.0/24 10.1.23.3 

0 

100 Oi 

* i4.4.4.0/24 10.1.34.4 

0 

100 Oi 


A. The local preference is too high. 

B. The weight is too low. 

C. The next hop is not reachable from R2. 

D. The route originated from within the same AS. 

Answer: C 


QUESTION 588 

Refer to the exhibit. Which two statements about the output are true? (Choose two.) 


Switch# show spanning-tree vlan 1 detail 

VLAN0001 is executing the ieee compatible Spanning Tree protocol 

Bridge Identifier has priority 32768, sysid 1, address 0007.0e8f.04c0 
Configured hello time 2, max age 20, forward delay 15 
Current root has priority 8192, address 0007.4flc.e847 
Root port is 65 (GigabitEthernet2/l), cost of root path is 119 
Topology change flag not set, detected flag not set 
Number of topology changes 1 last change occurred 00:00:35 ago 
from GigabitEthernetl/1 

Times: hold 1, topology change 35, notification 2 

hello 2, max age 20, forward delay 15 
Timers: hello 0, topology change 0, notification 0, aging 300 


A. 802.1 D spanning tree is being used. 

B. Setting the priority of this switch to 0 for VLAN 1 would cause it to become the new root. 

C. The hello, max-age, and forward delay timers are not set to their default values. 

D. Spanning-tree PortFast is enabled on GigabitEthernetl/I. 
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Answer: AB 

QUESTION 589 

Which statement about the BGP originator ID is true? 

A. The route reflector always sets the originator ID to its own router ID. 

B. The route reflector sets the originator ID to the router ID of the route reflector client that injects the route 
into the AS. 

C. The route reflector client that injects the route into the AS sets the originator ID to its own router ID. 

D. The originator ID is set to match the cluster ID. 

Answer: B 


QUESTION 590 

Refer to the exhibit. Which two statements are true? (Choose two.) 


R5#show ip bgp 

BGP table version is 24, local router ID is 10.100.1.5 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, 
r RIB-failure, S Stale 

Origin codes: i - IGP, e - EGP, ? - incomplete 

Network Next Hop Metric LocPrf Weight Path 

*> 10.100.1.1/32 10.1.1.1 0 100 0 65001 23456 2 i 

r> 10.100.1.2/32 10.1.2.1 0 100 0 65001 23456 i 


A. This router is not 4-byte autonomous system aware. 

B. This router is 4-byte autonomous system aware. 

C. The prefix 10.100.1.1/32 was learned through an autonomous system number with a length of 4 bytes, 
and this router is 4-byte autonomous system aware. 

D. The prefix 10.100.1.1/32 was learned through an autonomous system number with a length of 4 bytes, 
and this router is not 4-byte autonomous system aware. 

E. The prefix 10.100.1.1/32 was originated from a 4-byte autonomous system. 

Answer: AD 


QUESTION 591 

Refer to the exhibit. Spanning tree protocol is running on all three switches. The switches are 
configured so that Link A is the active link, and Link B is the standby link. There is a problem 
occurring where Switch B starts forwarding on Link B causing a routing loop. 
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Switch A Switch B 

STP Root 



Switch C 


What is the likely cause of the problem? 

A. PortFast is not enabled. 

B. There is a port duplex mismatch. 

C. MISTP is enabled without RSTP. 

D. A single instance of STP is enabled instead of PVST. 

Answer: B 


QUESTION 592 

While troubleshooting a BGP neighborship, you notice that the neighborship is constantly going 
up and down. What is causing the neighbors to flap? 

A. The traffic-shaping and rate-limiting parameters are in correct. 

B. There is a BGP timer mismatch between both neighbors. 

C. There is a routing issue between both neighbors. 

D. A firewall is blocking TCP packets with port 179. 

E. There is a mismatch on the BGP update source between both neighbors. 

F. EBGP multihop has not been configured on the neighbors. 

Answer: A 


QUESTION 593 

Refer to the exhibit. An EBGP session is not established between Routerl and Router2. 
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Router 1 


interface LoopbackO 
ip address 2.2.2.2 255.255.255.255 

; 

interface Seriall 

ip address 10.10.10.1 255.255.255.0 

; 

router bgp 300 

neighbor 1.1.1.1 remote-as 400 
neighbor 1.1.1.1 ebgp-multihop 2 
neighbor 1.1.1.1 update-source LoopbackO 

Router 2 


interface LoopbackO 
ip address 1.1.1.1 255.255.255.255 

interface SerialO 

ip address 10.10.10.2 255.255.255.0 

; 

router bgp 400 

neighbor 2.2.2.2 remote-as 300 
neighbor 2.2.2.2 ebgp-multihop 2 
neighbor 2.2.2.2 update-source LoopbackO 


A. The ebgp-multihop value must be increased to 3. 

B. A static route needs to be added on Routerl and Router2. 

C. The update-source loopback 0 command needs to be removed. 

D. Use the serial interface IP addresses in the neighbor command, but leave the update source 
pointing to loopback 0. 

Answer: B 


QUESTION 594 

While troubleshooting OSPF issues on a broadcast network, the network administrator notices 
that some routers are stuck in two-way state. 

What is the cause of this issue? 

A. This is normal on OSPF broadcast network types. 

B. The network type is configured incorrectly on these routers 

C. There is an MTU mismatch between these routers and their neighbors. 

D. This only happens to routers that have their OSPF priority set to 0. 

E. Hello packets are not being received on these routers. 

Answer: A 


QUESTION 595 


Get Latest & Actual Amazon Exam's Question and Answers from Passleader. 


http://www.passleader.com 


230 

















Pass Leader’ 

Leader of IT Certifications 


Refer to the exhibit. You want to set up an AS path filter that allows networks that originated from 
AS4, and autonomous systems that are directly attached to AS4, to enter R1. When you tested 
the filter, you noticed that something was wrong with it. 


AS3 AS4 



AS1 


R1 

ip as-path access-list 1 permit A 4 [0-9]* 

router bgp 1 

neighbor 4.4.4.4 remote-as 
neighbor 4.4.4.4 route-map 

4 

foo in 

route-map foo permit 10 
match as-path 1 



How can this be solved? 

A. Change the regular expressing to A 4_0-9*$. 

B. Change the regular expression to A 4_0-9+$. 

C. Change the regular expression to A 4_0-9.*. 

D. Change the regular expression to A 4_0-9.$. 

Answer: A 

QUESTION 596 

Refer to the exhibit. While troubleshooting performance issues on your network, you notice that 
CPU utilization on your Layer 3 Internet switch is very high. 

What can be done to solve this issue? 
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hostname $W1 
v 

ip subnet-zero 

t 

ip routing 

t 

spanning-tree extend system-id 

t 

interface FastEthernetO/1 
no ip address 
f 
f 
t 

interface FastEthernetO/48 
description To Internet_Router 
no switchport 

ip address 200.1.1.1 255.255.255.252 

t 

interface Vlanl 
no ip address 
shutdown 
t 

interface Vlan2 
description USER_VLAN 
ip address 10.1.2.1 255.255.255.0 

i 

interface Vlan3 
description SERVERJVLAN 
ip address 10.1.3.1 255.255.255.0 

i 

ip classless 

i 

ip route 0.0.0.0 0.0.0.0 FastEthernetO/48 

i 

line con 0 
line vty 5 15 

f 

end 


A. Use an SVI instead of a routed port to connect to the Internet router. 

B. This is a capacity issue. Replace the switch with a high-performance Layer 3 switch. 

C. Point the default static route to an IP address instead of a physical interface. 

D. Configure CoPP on the Layer 3 switch. 

Answer: C 


QUESTION 597 

Refer to the exhibit. While troubleshooting BGP in this network, you notice that routes are 
constantly flapping on R1. 

What can be done to solve this issue? 
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Lo0:10.10.10.10/32 


Lo0:20.20.20.20/32 


192.168.16.0/30 


hostname R1 
t 

interface LoopbackO 

ip address 10.10.10.10 255.255.255.255 

i 

interface Serial8/0 

ip address 192.168.16.1 255.255.255.252 

i 

router bgp 1 

bgp log-neighbor-changes 
neighbor 20.20.20.20 reroote-as 2 
neighbor 20.20.20.20 ebgp-multihop 2 
neighbor 20.20.20.20 update-source 
LoopbackO 
| 

ip route 20.20.20.0 255.255.255.0 
192.168.16.2 


T ] 


hostname R2 

t 

interface LoopbackO 

ip address 20.20.20.20 255.255.255.255 

t 

interface Ethernet0/0 
ip address 172.16.1.1 255.255.255.0 


interface Serial8/0 

ip address 192.168.16.2 255.255.255.252 

t 

router bgp 2 
no synchronization 
bgp log-neighbor-changes 
network 20.20.20.20 mask 255.255.255.255 
network 172.16.1.0 mask 255.255.255.0 
neighbor 10.10.10.10 remote-as 1 
neighbor 10.10.10.10 ebgp-multihop 2 
neighbor 10.10.10.10 update-source LoopbackO 
no auto-summary 
t 

ip route 10.10.10.0 255.255.255.0 192.168.16.1 


A. Disable synchronization on R1 so that routes from R2 are installed in the routing table. 

B. Disable autosummary on R1 so that routes from R2 are installed in routing table. 

C. Increase the EBGP multihop count to 3. 

D. Replace the static route on R1 with a specific route to 20.20.20.20/32. 

Answer: D 


QUESTION 598 

While troubleshooting an OSPFv3 neighborship between two routers on a Frame Relay network, 
you notice that there is a mapping issue. 

Which mapping needs to be established for OSPFv3 to establish a neighborship on Frame 
Relay? 

A. The all routers multicast address needs to be mapped to the correct DLCI. 

B. The solicited node multicast address needs to be mapped to the correct DLCI. 

C. The neighbor's link-local address needs to be mapped to the correct DLCI. 

D. The all routers broadcast address needs to be mapped to the correct DLCI. 

Answer: C 


QUESTION 599 

Refer to the Exhibit. Which is the effect of the given configuration? 
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A. The router stops SNMP logging. 

B. The router logs messages only to the console. 

C. The router stops logging messages to the syslog server only. 

D. The router log message only to the buffer. 

Answer: C 


QUESTION 600 

Refer to the Exhibit. Which technology can allow Site A and Site B to run OSPF between sites ? 



A. Point-to point circuit. 

B. BGP 

C. GRE Tunnel 

D. Cisco MPLS TE 

Answer: C 


QUESTION 601 

Which two statements about native VLANs are true? (Choose two.) 

A. They require VTPv3. 

B. They are used to forwarded untagged traffic only. 

C. They are used to forward tagged traffic only. 

D. They are configured in VLAN database mode. 

E. They are configured under the trunk interface. 

F. They are used to forward both tagged and untagged traffi 

Answer: BE 


QUESTION 602 

When you deploy DMVPN, What is the purpose of the command key cisco test address 
O.O.O.O.O.O.O.O.? 
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A. It is configured on the hub and spoke routers to establish peering 

B. It is configured on the hub to set the pre-shared key for the spoke routers. 

C. It is configured on the internet PE routers to traverse the ISP core. 

D. It is configured on the spokes to router. 

Answer: B 


QUESTION 603 

Which technology allows several switches to operate together as one device? 

A. HSRP 

B. VRRP 

C. LACP 

D. Stack Wise. 

Answer: D 


QUESTION 604 

Which two statements about OSPFv3 are true? (Choose two.) 

A. It supports the use of a cluster ID for loop prevention. 

B. It supports unicast address families for IPv6 only. 

C. It supports unicast address families for 1 Pv4 and 1 Pv6 

D. It supports only one address family per instance. 

E. It supports multicast address families for 1 Pv4 

F. It supports multicast address families for 1 Pv6 

Answer: CD 


QUESTION 605 

Which MLD message type does a host send to join rrulticast groups? 

A. Join/prune 

B. Hello 

C. Query 

D. Done 

E. Report 

F. Assert 

Answer: E 


QUESTION 606 

Refer to the exhibit. If R41 configured as table? 
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A. 0.0.0.0/0, 4.4.4.4/32 and 10.2.4.0/24 

B. 0.0.0.0/0 and 4.4.4.4/32 only . 

C. 4.4.4.4/32 and 10.1.4.0/24 only 

D. 4.4.4.4/32 and 10.2.4.0/24 only 

E. 4.4.4.4/32,10.2.4.0/24 and 2.2.2.2/32 

Answer: D 


QUESTION 607 

Which TCP features allows a client to request a specific packet that was lost? 

A. flow control 

B. sliding window 

C. fast recovery 

D. selective acknowledgment 

Answer: D 


QUESTION 608 

Refer to the Exhibit. Which configuration can you implement on PE-1 to allow CE-1 to receive 
delegated IP\16 prefixes? 
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A. 


B. 



D. 


lOCAi pool CT. I 2001: dbd: Az : : / 4P 

dhep pool CE-l-DHCf» 
prefix-delegacton pool CE-1 1i 
f*cr C, i g t «*b i UCt-hr rner-CI/a 
IPv6 «ddre«a 2001:dbB:4: HZZzi l/*4 
lpvf. dhep Becvet CE 1 DHCP 


12 


loool pool CP I 2001: dbU: 4: 88BB/S*. 41* 

IPV6 dhc p pool CZ-l-DMCP 

piefix delegation pool CE-1 I lft»tisr mr ini.*.* 

l-nctfC«c« GigubHEtiiernT.a/0 

lpvc address 2001: dbfl • 4z B22: : i/F 4 

IPV6 rlhcp server CE-l-DHC? 



pool CE-1 2001: dhB: 4: 8800: : /tr 4 48 

hep pool CE X-DHCP 

f ix - delegation pool CE—I lifetime mrimti 
ace GiQiato l tfthetnr tO/O 
v£ Add re?* * 2001: dh8: 4: 822: ; 1 /h 4 
dhep seivet CE—1 DHCP 


inf in 



local pool CE—1 2001: itbJ 
dhep pool CE-1 DHCP 
interface Gigi abitEth^rnetO/i 
ipv€ address 200 &:dto8: A :8' 


5£ 


dlicp server CE 



pool CE-1 2001:dbB 
pool CE i-DHCP 
lx-delegation pool CE- 
:e CigiabitEtlrernetO/O 
address 2001:db3:4:82 
dhep server CE-1 DHCP 


Answer: E 


QUESTION 609 

What are two major requirements for configuring an extended VLAN with VTPv2 (Choose two) 

A. VLAN pruning must be enabled 

B. The device must be operating in VTP transparent mode 

C. The configuration must be made in global configuration mode 

D. The VLAN must be configured in VLAN database mode 
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E. The reduced MAC address feature must be disabled 

Answer: BC 


QUESTION 610 

Which two statements about MLD snooping are true? 

A. MLD protocol messages can be sent in both IGMPv4 and ICMPv4 formats. 

B. It supports private VLANs. 

C. It limits the Layer 2 multicast traffic that is generate by routing protocols. 

D. PFC modes support MLD version 2 only. 

E. The MLD snooping querier requires the VLAN interface to be configured with an 1 Pv6 address. 

Answer: BE 


QUESTION 611 

Which IPv6 tunneling mechanism requires a service provider to nude one of its own native IPv6 
blocks to guarantee that its IPv6 hosts will be reachable? 

A. 6rd tunneling 

B. Automatic 6to4 tunneling 

C. manual ipv6ip tunneling 

D. NAT-PT tunneling 

E. Automatic 4to6 tunneling 

F. ISATAP tunneling 

Answer: A 


QUESTION 612 

Refer to the exhibit. After you applied this configuration to R1 and R 2 they failed to form an ISIS 
adjacency. 

Which reason for the problem is most likely true? 
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awrface Stciail/O 


bandwidth ZCJGO 

ip addcess 192.1€8.12.98 2SS.2SS. 
ip toutec i»ia 
aerial restattdelay 0 
router isia 

net 01.0001.0000.□U0U.Ue02.Q0 


A. The network statements are mismatched 

B. The IP subnets are mismatched 

C. T he bandwidth is mismatched 

D. The MTUs are mismatched 

Answer: D 


QUESTION 613 

Which two statements about cisco Express Forwarding are time? (Choose two) 

A. Adjacency tables and Cisco Express Forwarding tables require packet switching. 

B. Cisco Express Forwarding tables contain forwarding information on and adjacency tables contain 
reachability information. 

C. Adjacency tables and Cisco Express forwarding tables can be separately. 

D. Changing MAC header rewrite strings requires cache validation. 

E. Cisco Express Forwarding tables contain reach ability information and adjacency tables contain 
forwarding information. 

Answer: CE 


QUESTION 614 

On which three options can Cisco PfR base its traffic routing? (Choose three) 

A. Time of day 

B. Network performance 

C. Router IOS version 

D. User-defined link capacity thresholds. 
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E. An access list with perm it or deny statements. 

F. Load-balancing requirements. 

Answer: BDF 


QUESTION 615 

Which three statements about BGP soft reconfiguration are true? (Choose three) 

A. Outbound soft reconfiguration requires additional configuration on the BGP neighbor 

B. Inbound soft reconfiguration requires additional memory 

C. Outbound soft reconfiguration requires additional memory 

D. Inbound soft reconfiguration stores an additional copy of the received from a neighbor before 
routing policies take effect 

E. Inbound soft reconfiguration requires additional memory 

F. Outbound soft reconfiguration stores an additional copy of the routes advertised to a neighbor 
before routing policies take effect 

Answer: BEF 


QUESTION 616 

What mechanism should you choose to prevent unicast flooding? 

A. Make sure that all end systems are connected to the network with a single physical connection 

B. Use control plane policing (CPP) to limit unicast flooding. 

C. Configure the ARP cache timers to be longer than the switch forwarding cache (CAM) timers. 

D. Configure the switch forwarding cache (CAM) timers to be longer than the ARP cache timers. 

Answer: D 


QUESTION 617 

Refer to the exhibit. Which two statements about the device configuration are true? (Choose two.) 



A. The device has control-plane protection enabled. 

B. The device implicitly allows Tel net connections. 

C. The GigabitEthemetO/1 interface of the device allows incoming SSH and SNMP connections. 

D. The device has management-plane protection enabled. 

E. The device allows SSH connections to its loopback interface. 

Answer: CD 
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QUESTION 618 

What are the two requirements for BGP to install a classful network into the BGP routing table? 
(Choose two.) 

A. Synchronization is disabled. 

B. The AS contains the entire classful network. 

C. Auto-summary is enabled. 

D. A classful network is statement with a classful mask is in the routing table. 

E. A classful network statement with a lower administrative distance -he routing table. 

F. Synchronization is enabled. 

Answer: CD 


QUESTION 619 

Which authentication types does OSPF support? 

A. Null (or no authentication), clear text and MD5. 

B. Clear text only 

C. MD5only 

D. MD5 and clear text 

E. Null( or no authentication) and clear text 

Answer: A 


QUESTION 620 

Which metric vectors are stored but are not used by default in EIG RP? 

A. Reliability and delay 

B. Load and reliability 

C. Load and bandwidth 

D. Bandwidth and del 

Answer: B 


QUESTION 621 

What are three required attributes in a BGP update message? (select three) 

A. AGGREGATOR 

B. AS_PATH 

C. ORIGIN 

D. MED 

E. NEXT_HOP 

Answer: BCE 


QUESTION 622 

Refer to the exhibit. Which tag will be applied to 172.16.50.0/24 route? 
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ip prttlX-Jlat CO*l .rq s p*r»lt 172 . 16 . 0 . 0 /n 1 C J 4 
1 pr« ix-liat cc|«Z *eq 5 permit 172 . it. irt.o; 17 J* 24 
»P pr»Cl*- list m«s 5 permit 172 . 17 . 120 . 0/17 1 * 24 


tout* -aap (ci« r*r»ir 10 

B4CCh if Address prefix lisc eri*| 

Nt t*y 10 

rout* -bad cci* fttalt 20 

•*tch if Address pzerix-liat cc»*2 
Nt «-*g 20 

route sap ecie print 30 

a*cch if Addr*as pretu list cci*J 
set toy 10 

coutA-oar ecie perait 40 
ie: toy 40 


A. 10 

B. 20 

C. 11 

D. 40 

Answer: A 


QUESTION 623 

Which three types of Layer 2 isolation do private VLANs provide? (Choose three) 

A. Community 

B. Isolated 

C. Blocking 

D. Promiscuous 

E. Private group 

Answer: ABD 


QUESTION 624 

What are three core Features of GET VPN? (Choose three.) 

A. The rekey mechanism. 

B. Time-based anti-replay 

C. AES 

D. MPLS 

E. Partial mesh 

F. Cooperative keys 
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Answer: ABF 


QUESTION 625 

Refer to the exhibit. If R1 and R2 are on the same network, what is the effect on the network 
when you apply the given configuration to R 1 and R2? 



A. A symmetric routing occurs because the bandwidth and delay K value settings are mismatched. 

B. The interface bandv.4dlh and delay settings adjust automatically to match the new metric 
settings. 

C. The neighbor adjacency between R1 and R2temporarily resets and then reestablishes itself. 

D. R1 and R2 fail to form a neighbor adjacency. 

Answer: D 


QUESTION 626 

Which 1 Pv4 mitigation method allows 1 Pv4-only devices to communicate with 1 Pv6-only 
devices? 

A. GRE tunnel 

B. Dual stack 

C. ISA TAP tunnel 

D. NAT64 

Answer: D 


QUESTION 627 

Which three components are in a MPLS header? 
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A. A 4-bit experimental use field 

B. An 8-bit TTL 

C. A 4-bit label stack entry 

D. A 2-bit bottom of stack 

E. A 3-bit experimental use field 

F. A 20-bit label 

Answer: BEF 


QUESTION 628 

Which two statements about route distribution are true? (Choose two.) 

A. Redistributing the entire BGP table from the Internet works well when using multiple OSPF 
areas. 

B. IS-IS does not no support Layer 2 routes that leak into a Layer 1 domain. 

C. Mutual redistribution at multiple points can create a routing loop. 

D. IBGP is used within the AS to Carry EBG P attributes that otherwise would be lost if EBG P was 
redistributed into IGP. 

E. The unequal cost multipath load-balancing characteristic is lost when redistributing OSPF into 
EIGRP. 

Answer: CD 


QUESTION 629 

Which type of ACL can be applied only to Layer 2 ports? 

A. Reflexive ACLs 

B. VLAN ACLs 

C. Standard ACLs 

D. PortACLs 

E. Dynamic ACLs 

Answer: D 


QUESTION 630 

Which action does route poisoning take that serves as a loop-prevention method? 

A. It prohibits a router from advertising back onto the interface from which it was learned. 

B. It advertises a route with an unreachable metric back onto the interface from which it was 
learned. 

C. It immediately sends routing updates with unreachable metric to all devices. 

D. It poisons the route by tagging it uniquely within the network. 

Answer: C 


QUESTION 631 

Which two values are required to implement an EIGRP named configuration? (Choose two.) 
A. Process-id 
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B. Router-id 

C. Subnet-mask 

D. Add ress-family 

E. Virtual-instance-name 

Answer: DE 


QUESTION 632 

Which option describes how a VTPv3 device responds when it detects a VTPv2 device on a trunk 
port? 

A. It sends VTPv2 packets only 

B. It sends a Special packet that contains VTPv3 and VTPv2 packets information. 

C. It sends VTPv3 packets only. 

D. It sends VTPv3 and VTPv2 packets. 

Answer: D 


QUESTION 633 

Which technology uses MPLS to provide 1 Pv6 connectivity o customers in the core network 
without the need for dual stack? 

A. 6to4 

B. NAT64 

C. NAT 

D. SPE 

Answer: D 


QUESTION 634 

Which three statements about bridge assurance are true? 

A. Bridge assurance can be enabled on one end of a link or on the both ends. 

B. If a bridge assurance ports failed to receive a BPDU after a timeout, the port is put into an error 
disabled state. 

C. If a bridge assurance ports failed to receive a BPDU after a timeout, the port is put into a blocking 
state. 

D. Bridge assurance is enabled on STP multipoint links only. 

E. Bridge assurance must be enabled on both the ends of a link. 

F. Bridge assurance is enabled on STP point-to-point links only. 

Answer: CEF 


QUESTION 635 

What is the function of the rendezvous point in PIM? 

A. It redistributes the multicast configuration to its connected neighbor. 

B. It will redistribute the unicast routes to avoid an RPF failure. 

C. It is the main source of the multicast traffi 
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D. It acts as a shared root for a multicast tree. 

Answer: D 


QUESTION 636 

Refer to the exhibit. Which traffic gets set to AF41 by marking policy on interface 
GigabitEthernetO/O? 



1 V addfHw* 10.1.114.S 25b.ZSi.2Si.24B 
NiitvicM pol ley 1 npui Mrkinq 
I 


policy Mp Mrkinq 
cldii in voico 
class in straamnq 


■•t ip dscp «• f 4 1 


sst ip dscp nf31 
class class dsCault 



suiLch accsss^toup *- 1 •® ni 

A. Any traffic matching access-list-tp-rooms and access-list stream in G. 

B. No Traffic gets set to AF41. 

C. Only traffic matching access-list tp-rooms. 

D. Only traffic matching access-list streaming. 

Answer: A 


QUESTION 637 

Which three actions are required when configuring NAT-PAT? (Choose three) 

A. Specify an 1 Pv4-to-1 Pv6 translation. 

B. Enable NAT-PT globally. 

C. Specify a: :/96 prefix that will map to an IP4 address. 

D. Specify a: :/48 prefix that will map to a MAC address. 

E. Specify a ::/32 prefix that will map to an 1 Pv6 address. 

F. Specify an 1 Pv6-to-1 Pv4 translation. 
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Answer: ACF 


QUESTION 638 

Which two statements about HDLC operations in asynchronous balanced mode are true? 
(Choose two.) 

A. Either device can send frames at any time. 

B. Each device must negotiate with its neighbor before sending frames. 

C. Each device must negotiate with its neighbor to recover from framing errors. 

D. Either device can initiate transmission of frames. 

E. The initiating device sends a DTE frame. 

Answer: CD 


QUESTION 639 

Drag and Drop Question 

Drag each QoS application-traffic on the left to the matching definition on the right. 



Answer: 



QUESTION 640 

Which prefix List Matches and permits all RFC 1918 network 1 0.0.0.0 routes that have subnet 
marks of/16 trough/24? 

A. ip prefix-list foo seq 10 perm it 10.0.0.0/16 le 24. 

B. Ip prefix-list foo seq 10 permit 10.0.0.0/16 ge 15 le 25. 
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C. Ip prefix-list foo seq 10 perm it 1 0.0.0.0/8 ge 15 le 25. 

D. Ip prefix-1 istfoo seq 10 permit 10.0.0.0/8 ge 161 e 25. 

Answer: D 


QUESTION 641 

Refer to the Exhibit. What is the reason that the two devices failed to form an EIGRP neighbor 
relationship? 



A. The K-values are valid. 

B. The two devices have different key IDs. 

C. The hold timers are mismatched. 

D. The advanced MD5 digest do not match between the devices. 

Answer: B 


QUESTION 642 

Refer to the exhibit. If R1 and R2 cannot establish an EIGRP neighbor adjacency, which reason 
for the problem is most likely true? 



A. The auto-summary command under the route process is disabled 

B. The hello-interval and hold-time values are invalid 

C. The MTU value between R1 and R2 is too small 
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D. The primary networks are on different subnets 

Answer: D 


QUESTION 643 

External EIGRP route exchange on routers R1 and R2 was failing because the routers had 
duplicate router IDs. You changed the eigrp router-id command on R1, but the problem persists. 
With additional action must you take to enable the routers to exchange routes? 

A. Change the corresponding loopback address. 

B. Change the router ID on R2. 

C. Reset the EIGRP neighbor relationship. 

D. Clear the EIGRP process. 

Answer: D 


QUESTION 644 

Refer to the exhibit. Between which router is an LOP session established? 



A. R1,R2andR3 

B. R1 and R3 

C. R1 andR2 

D. R2andR3 

Answer: C 


QUESTION 645 

Refer to the exhibit. How can you configure R6 so that traffic returns to subnet 172.16.6.0/24 via 
RS? 
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A. Advertise prefix 172.16.6.0/24 to neighbor R5 with AS 65006 prepended. 

B. Configure the neighbor 10.5.6.5 send-community standard command. 

C. Advertise prefix 172.16.6.0/24 to neighbor R5 with metric 80. 

D. Set local preference for all prefixes received from neighbor R5 to 200. 

Answer: B 

QUESTION 646 

Which two statements about VTPv3 are true?(Choose two) 

A. VTPv3 accepts configuration information only from VTPv2 devices. 

B. VTPv3 must receive VTPv2 packets before it can send VTPv2 packets. 

C. VTPv3 sends VTPv2 packets when they are detected on a trunk port. 

D. VTPv3 regions can communicate in server mode only over a VTPv2 region. 

E. Extended VLANs prevent VTPv3 switches from becoming VTPv2 

Answer: BE 


QUESTION 647 

When you implement CoPP on your network, what is its default action? 

A. Drop management ingress traffic to the control plane. 

B. Monitor ingress and egress traffic to the control plane by using access groups that are applied to 
the interface 

C. Block all traffi 

D. Rate-limit bidirectional traffic to the control plane. 

E. Permit all traffi 

Answer: E 
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QUESTION 648 

Which BGP attribute is used to influence inbound traffic? 

A. Multi-exit discriminator 

B. Local preference 

C. Origin 

D. Weight 

Answer: A 


QUESTION 649 

Which option describes the effect of the command ip route vrf DMZ 192.168.0.0.255.255.0.0 

172.16.5.5 global? 

A. It creates a slatic default route in the "Ihl DMZ, and the next hop is in the global routing table. 

B. It creates a static route in the VRF DMZ for 192.168.0.0 255.255.0.0, and the next hop is in the 
global routing table. 

C. It creates a static route in the global routing table for 192.168.0.0 255.255.0.0, and the next hop 
in the global routing table. 

D. It creates a slatic route in the global routing for 192.168.0.0 255.255.0.0, and the next hop is in 
The VRF DMZ. 

E. It creates a static route in the VRF DMZ for 192.168.0.0 255.255.0.0, and the next hop is in the 
VRFDMZ. 

Answer: B 


QUESTION 650 

Which three statements about IS-IS are true? (Choose three.) 

A. IS-IS is a cisco proprietary routing protocols. 

B. IS-IS has the capability to provide address summarization between areas. 

C. IS-IS is an IETF standard. 

D. IS-IS has three different levels of authentication: interface level, process level, and domain level 

E. IS-IS can be used to route both IP and CLNP. 

F. IS-IS can be used only in the service provider network. 

Answer: BDE 


QUESTION 651 

Which two options are parts of an EEM policy? (Choose two.) 

A. event register 

B. body 

C. environment must defines 

D. namespace import 

E. entry status 

F. exit status 

Answer: AB 
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QUESTION 652 

How many address families can a single OSPFv3 instance support? 

A. 1 

B. 2 

C. 5 

D. 10 

Answer: A 


QUESTION 653 

Drag and Drop Question 

Drag and drop the description on the left to the correct EIGRP term in the right. Not all options are 
used. 


reported metric to the neighbor router 


reported distance 

best metnc along a path to the destination including 
[the metric to the neighbor 

feasible distance 

best metric along a path to the feasible successor 

feasible succesor 

path with a reported distance lower than the feasible 
distance 



total metric along a path to the destination as 
advertised by the upstream neighbor 


Answer: 



QUESTION 654 

In which way does the Bridge Assurance mechanism modify the default spanning-tree behavior in 
an effort to prevent bridging loops? 

A. IF BPDUs are no longer received on a port, the switch immediately sends a out a TCN BPDU. 

B. Extended topology information is encoded into all BPDUs. 

C. BPDUs are sent bidirectional on all active networks ports, including blocked and alternate ports. 

D. Received BPDUs are looped back toward the sender to ensure that link is bidirectional. 

Answer: C 


QUESTION 655 
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Which two statements about scheduling multiple IP SLA operations are true? 

A. You must configure IP SLA operations before you can schedule a group of operations. 

B. The ip sla monitor group schedule command must be configured on the device. 

C. You must configure the frequency of each IP SLA operation before it can start. 

D. The IP SLA operations must be scheduled at a maximum interval of 30 seconds. 

E. Every IP SLA operation in a single group must start at the same time. 

Answer: AC 


QUESTION 656 

In an MPLS-VPN environment, what is the effect of configuration an identical set of route targets 
for a particular VRF but then configuration a nonidentical RD across multiple PE devices? 

A. The routes are not sent to any remote PE with different RD. 

B. The routes are directly managed by the control plane, but there are instances where routes take 
up twice as much memory. 

C. The routes are rejected by the remote PE because they have a different RD than its routes. 

D. The routes propagate to the remote PE, but the PE never installs the, in its forwarding table. 

Answer: B 


QUESTION 657 

Which two statements about IGMP filters that are operating in access mode are true? (Choose 
two) 

A. A filter that is applied on the SVI must use the same setting as a same filter that is applied to the 
trunk port. 

B. They can be applied to the access point only. 

C. The port filter is always checked first. 

D. The SVI filter is always checked first. 

E. They can be applied on both the SVI and the access port. 

Answer: CE 


QUESTION 658 

Which LSA type is associated with the default route in a totally stubby area? 

A. interarea-prefix LSA for ABRs (Type 3) 

B. autonomous system external LSA (Type 5) 

C. router LSA (Type 1) 

D. interarea-router LSAs for ASBRs (Type 4) 

Answer: A 


QUESTION 659 

How is the MRU for a multilink bundle determined? 
A. It is negotiated by LCP. 
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B. It is manually configured on the multilink bundle. 

C. It is manually configured on all physical interfaces of a multilink bundle. 

D. It is negotiated by NCP. 

E. It is negotiated by IPCP. 

Answer: A 


QUESTION 660 

Which two statements about PIM-DM are true? (Choose two.) 

A. It forwards multicast packets on a source tree. 

B. It requires an RP. 

C. It forwards multicast packets on a shared distribution tree. 

D. It floods multicast packets to neighbors that have requested the data. 

E. It floods multicast packets throughout the network. 

F. It forwards multicast packets to neighbors that have requested the data. 

Answer: AE 


QUESTION 661 

What command can you enter to configure NBAR to recognize VNC traffic? 

A. Ipnbar custom-map VNC tcp-udp 5900 5901 

B. Ipnbar application-map VNC udp 5900 5901 

C. Ipnbar port-to-application seq 5 VNC tcp 5900 5901 

D. Ipnbar port-map VNC hex OxAA 0x1 B 

E. Ipnbar port-map VNC tcp 5900 5901 

Answer: E 


QUESTION 662 

Which two statements about 6to4 tunnels are true? (Choose two.) 

A. They support point-to-point multipoint traffic. 

B. They encapsulate IPv6 packets, which allow the packets to travel over Ipv4 infrastructure. 

C. They support point-to-point traffic. 

D. The support OSPF and EIGRP traffic. 

E. They generate an IPv6 prefix using a common IPv4 address. 

F. They allow IPv4 packets to travel over Ipv6 infrastructure without modification. 

Answer: AB 


QUESTION 663 

Which two factors contribute to traffic starvation when TCP and UDO flows are included in a 
single traffic class? (Choose two) 

A. TCP flows continually lower their transmission rates when congestion occurs in a link. 

B. UDP flows continually reduce the window size when congestion occurs on a link. 


Get Latest & Actual Amazon Exam's Question and Answers from Passleader. 


http://www.passleader.com 


254 














Pass Leader’ 

Leader of IT Certifications 


C. TCP flows maintain a consistent transmission rate when congestion occurs on a link. 

D. TCP flows continually reduce the window size when congestion occurs on a link. 

E. UDP flows maintain a consistent transmission rate when congestion occurs on a link 

F. UDP flows continually lower their transmission rates when congestion is detected. 

Answer: AE 


QUESTION 664 

In which 802.1 D port state are the root bridge, the root port, and the designated port(s) elected? 

A. Listening 

B. learning 

C. forwarding 

D. blocking 

E. disabled 

Answer: A 


QUESTION 665 

Which two conditions must be met by default to implement the BGP path feature? (Choose two) 

A. MPLS must be enabled. 

B. The next-hop routers must be different. 

C. All attributes must have the same values. 

D. Route reflectors must be enabled. 

E. The next-hop routers must be the same. 

Answer: BC 


QUESTION 666 

Which three fields are part of a TCN BPDU? (Choose three.) 

A. protocol ID 

B. version 

C. type 

D. max-age 

E. flags 

F. message age 

Answer: ABC 


QUESTION 667 

Which type of packet is sent by an HSRP router to advertise the virtual IP address? 

A. Gratuitous ARP 

B. ARP Request 

C. HSRP Hello 

D. HSRP Coup 
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Answer: A 


QUESTION 668 

Which two statements about QoS marking are true? (Choose two.) 

A. It is supported on Fast EtherChannel and ATM SVC interfaces. 

B. It is supported on tunnel interfaces. 

C. It can use3 a table map to mark traffic. 

D. The set discard-class command can be configured for ATM and MPLS protocols. 

E. It requires Cisco Express Forwarding to be enabled on the sending interface and the receiving 
interface. 

Answer: BE 


QUESTION 669 

Refer to the exhibit. Router A must reach router X. Which option describes how router A decides 
which interface to use to forward packets ? 



A. Router A relies on RIB to select the desired interface 

B. Router A does per-flow load-balance across the two interfaces 

C. Router A relies on FIB to select the desired interface 

D. Router A does per-packet load-balance across the two interfaces 

Answer: A 


QUESTION 670 

Which three options are there of the valid message types for DHCPv6? (Choose three.) 

A. Request 

B. Solicit 

C. Discover 

D. Advertise 

E. Offer 

F. Leave 

Answer: ABD 
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QUESTION 671 

Which two statements about GLBP are true? (Choose two.) 

A. It uses Hello, Request and Reply packet reply. 

B. Each GLBP group supports up to 4 MAC address. 

C. It support stateful switchover. 

D. It communities to multicast address 244.0.0.18. 

E. It allows members to elect up to two gateways as the AVG. 

Answer: BC 


QUESTION 672 

An NASSA area has two ABRs connected to Area 0. 

Which statement is true? 

A. Both ABRs translate Type-7 LSAs to Type-5 LSAs. 

B. The ABR with the highest router ID translates Type-7 LSAs to Type-5 LSAs. 

C. No LSAs translation is needed. 

D. Both ABRs forward Type-5 LSAs from the NASA area to backbone area. 

Answer: B 


QUESTION 673 

You need to modify the IOS L3switch configuration for High Availability operation. 

What additional configuration is needed, if any? 

A. Modify the configuration to use VRRP, which has additional functionally that works better for High 
Availability. 

B. Enable HSRP preempt with a delay to allow time for he routing and switching protocols to 
converge. 

C. Enable HSRP preempt to force the primary L3 switch to resume th master role after a failure. 

D. The shown configuration is sufficient for High functionally. 

Answer: B 


QUESTION 674 

Which two statements about Cisco IOS XE are true? (Choose two) 

A. It is deployed in a Linux-based environment 

B. Separate images are required for platform-dependent code 

C. It uses a service blade outside Cisco IOS XE to integrate and run applications 

D. The FED feature provides separation between the control plane and the data plane 

E. Its functions run as multiple separate processes in the OS 

Answer: AE 


QUESTION 675 

Which topology allows the split-horizon rule to be safely disabled when using EIGRP? 
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A. Hub and spoke 

B. Ring 

C. Full mesh 

D. Partial mesh 

Answer: A 


QUESTION 676 

Refer to the exhibit. Which statement is true? 



?.:uter#sh ip ospf 1 * 

Routing Process "ospf 1* with ID 1.0.0.102 

S:;r. tune: :0:00:09.225, Time elapsed: 00:02:54.859 

Supports only single TOS(TOSO) routes 

Supports opaque LSA 

Supports Link-local Signaling (LLS) 

Supports area transit capability 

Supports NSSA (ccmpatibie with RFC 3101) 

Event-log enabled. Maximum number of events: 1000, Mode: cyclic 

7* is an ^:ea border ind autonomous system boundary router 

Redistributing External Routes from, 

connected, includes subnets in redistribution 

PvOuter is not originating router-LSAs with maximum metric 

Initial SPF schedule delay 100 msecs 

Minimum hold tine between two consecutive SPFs 200 msecs 

Maximum wait time between two consecutive SFFs 1000 msecs 

Incrementa1-5PF disabled 

Initial LSA throttle delay 50 msecs? 

Minimum hold time for LSA throttle 100 msecs 

Maximum wait time for LSA throttle 5000 msecs 

Minimum LSA arrival SO msecs 

LSA group pacing timer 240 secs 

Interface flood pacing timer 33 msecs 

Retransmission pacing timer 66 msecs 

Humber of external LSA 0. Checksum Sum 0x000000 

Humber Of opaque AS LSA 0. Checksum Sum 0x000000 

Number of DCbitless external and opaque AS LSA 0 

Number of DoNotAge external and opaque AS LSA 0 [\ 

Number of areas in this router is 2. 2 norma. 0 stub 0 nssa 

Number of areas transit capab_e is 0 

Externa- I.ood list length 0 

IETF NSF helper support enabled 

Cisco NSF helper support enabled 

3FD is enabled 

Reference bandwidth unit is 100 mbps 




A. BFD and SPF throttling are configured 

B. Only BFD is enabled 

C. BFD, SPF, and LSA timers are turned for faster convergence 

D. Fast convergence is not configured 

Answer: C 
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QUESTION 677 

Which two loops-prevention mechanisms are implemented in BGP? (Choose two) 

A. The command bgp bestpath as-path-ignore enables the strict checking of AS_PATH so that they 
drop routes with their own AS in the AS_PATH. 

B. A route with its own cluster ID in the CKUSTERJJST is dropped automatically when the route 
reenters its own AS. 

C. The command bgpbestpath med missing-as-worst assigns the smallest possible MED, which 
directly prevents a loop. 

D. The command bgpallowa-in enables a route with its own AS_PATH to be dropped when it 
reenters its own AS 

E. A route with its own AS in the AS_PATH is dropped automatically if the routereenters its own AS. 

Answer: BE 


QUESTION 678 

Which two conditions can cause unicast flooding? (Choose two) 

A. RIB table overflow 

B. Forwarding table overflow 

C. Symmetric routing 

D. Multiple MAC addresses in the Layer 2 forwarding table 

E. Recurring TCNs 

Answer: BE 


QUESTION 679 

Which three components are in an MPLS header? (Choose three) 

A. 4-bit experimental use field 

B. 4-bit label stack entry 

C. an 8-bit TTL 

D. 2-bottom of stack 

E. 3-bit experimental use field 

F. 20-bit label 

Answer: CEF 


QUESTION 680 

Refer to the exhibit. After observing that an OSPF neighbor relationship failed to form, you 
executed a debug that returned the given output. Which configuration issue prevented the OSPF 
neighbor relationship from forming? 
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•Oct 

1 

13:08:10.635: 

OSPF-1 

BELLO 

FaO/O: 

Send hello to 224.0.0.5 area 0 fro® 172.16.1.1 

•Oct 


13:08:11.095: 

OSPF-1 

HELLO 

FaO/O: 

Rev hello fro® 172.16.1.2 area 0 172.16.1.2 

•Oct 


13:08:11.099: 

OSPF-1 

HELLO 

Fafl/0: 

Hi snatched hello paraaeters fro® 172.16.1.2 

•Oct 


13:08:11.099: 

05PF-1 

HELLO 

FaD/O: 

Dead R 40 C 40, HeiLo P. LO C 10 Hask P 255.2SS. 255.248 C 255.255.255.240 

•Oct 

1 

13:08:12.407: 

OSPF-1 

ADJ 

FaO/O: 

end of ¥ait on interface 

•Oct 

1 

13:08:12.407: 

OSPF-1 

ADJ 

FaO/O: 

DP./BDR election 

•Oct 

1 

13:08:12.407: 

OSPF-1 

ADJ 

FaO/O: 

Elect BDR 172.16.1.1 

•Oct 

1 

13:08:12.411: 

OSPF-1 

ADJ 

FaO/O: 

Elect DP 172.16.1.1 

•Oct 

1 

13:08:12.411: 

OSPF-1 

ADJ 

FaO/O: 

Elect BDR 0.0.0.0 

•Oct 

1 

13:08:12.411: 

OSPF-1 

ADJ 

Fa0/0: 

Elect DP 172.16.1.1 

•Oct 

1 

13:08:12.411: 

OSPF-1 

ADJ 

FaO/O: 

DR: 172.16.1.1 (Id) BDR: none 

•Oct 


13:08:19.751: 

OSPF-1 

HELLO 

FaO/O: 

Send hello to 224.0.0.5 area 0 fro® 172.16.1.1 

•Oct 

1 

13:08:21.011: 

OSPF-1 

HELLO 

Fa0/0: 

Rev hello fro® 172.16.1.2 area 0 172.16.1.2 

•Oct 


13:08:21.015: 

OSPF-1 

HELLO 

FaO/O: 

Hisaatched hello paraaeters froa 172.16.1.2 


A. The stub flag is set on the neighboring device. 

B. The devices are on different subnets. 

C. The hello and hold timers are mismatched. 

D. The area IDs are mismatched. 

Answer: B 


QUESTION 681 

What is the initial BFD state? 

A. Init 

B. Down 

C. Admin/Down 

D. Up 

Answer: C 


QUESTION 682 

Which two configuration options are available for PIM snooping? (Choose two.) 

A. On a specific interface on the device. 

B. On a range of interfaces on the device. 

C. Under the VLAN in VLAN configuration mode. 

D. Globally on the device. 

E. Under the SVI for the corresponding VLAN. 

Answer: DE 


QUESTION 683 

Which two statements about the passive-interface command issued under EIGRP are true? 

(Choose two) 

A. It configures the interface to use unicast messages to establish EIGRP neighbor relationships 

B. It disables processing of incoming hello messages 

C. It allows incoming routing updates to be received but disables outing routing updates 

D. If it is enabled globally under EIGRP on the device, it can be disabled for individual interfaces to 
allow those interfaces to remain active 
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E. It configures the device to advertise only connected interfaces to neighbors with EIGRP 
Answer: BD 


QUESTION 684 

Which two options are requirements for Control-Plane Policing? (Choose two.) 

A. Cisco Express Forwarding must be enabled globally. 

B. Cisco Discovery Protocol must be disabled in the control plane. 

C. A crypto policy must be installed. 

D. A loopback address must be configured for device access. 

E. A class map must be configured to identify traffic. 

Answer: AE 


QUESTION 685 

Which two elements are required to define a class-map? (Choose two.) 

A. A traffic-class name 

B. A series of match commands. 

C. A traffic policy name 

D. A series of set command 

E. A command such as bandwidth, fair-queue, or random-detect to enable a QoS option. 

F. An attachment to an interface 

Answer: AB 


QUESTION 686 

Which technology can be used to secure the core of an STP domain? 

A. UplinkFast 

B. BPDU guard 

C. BPDU filter 

D. root guard 

Answer: D 


QUESTION 687 

Which two statements about DHCP operations are true? (Choose two) 

A. When the DHCP relay agent receives a DHCP messages, If generates a new DHCP message to 
transmit 

B. The client uses option 125 in a DHCPDISCOVER message to discover the DHCP server 

C. The DHCP server inserts option 150 when it sends a DHCPOFFER message 

D. The client uses TTL to discover a DHCP server and obtain a leased IP address 

E. The DHCP relay agent can insert option 82 with additional information about the client identity 

Answer: BE 
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QUESTION 688 

Refer to the exhibit. Which two statements about this network are true? (Choose two) 



A. It allows successful traceroute operations from R3 to R2 

B. It allows successful traceroute operation from R1 to R2 

C. It generates syslog messages for all discarded packet 

D. It is configured with control-plane policing in silent mode 

E. It is configured as distributed control-plane services 

Answer: BD 


QUESTION 689 

In an MPLS-VPN environment, what is the effect of configuring an identical set of route targets for 
a particular VRF but then configuring nonidentical RD across multiple PE devices? 

A. The routes are rejected by remote PE because they have a different RD than its routes. 

B. The routes propagate to the remote PE, but the PE never installs them in its forwarding table. 

C. The routes are correctly managed by the control plane, but there are instances where routes take 
up twice as much memory. 

D. The routes are not sent to any remote PE with a different RD. 

Answer: C 


QUESTION 690 

Which two are features of DMVPN? (Choose two) 

A. It supports multicast traffic 

B. It does not supports spoke routers behind dynamic NAT 
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C. It only supports remote peers with statically assigned addresses 

D. It offers configuration reduction 

E. It requires IPsec encryption 

Answer: AD 


QUESTION 691 

What are the two EEM event subscribers? (Choose two) 

A. applet 

B. script 

C. syslog 

D. CLI 

E. none 

Answer: AB 


QUESTION 692 

For which feature is the address family "rtfilter" used? 

A. Enhanced Route Refresh 

B. MPLS VPN filtering 

C. Route Target Constraint 

D. Unified MPLS 

Answer: C 


QUESTION 693 

What is a major difference between Unidirectional Link Detection (UDLD) and Bidirectional 

Forwarding Detection (BFD)? 

A. UDLD operates at Layer 3 and detects the failure of the Layer 3 connectivity between two routers. 
BFD operates at Layer 3 and detects forwarding path failures over multiple Layer 2 hops between 
two routers. 

B. UDLD operates at Layer 2 and detects failure of physical links. BFD operates at Layer 3 and 
detects failure of forwarding paths, which may transit multiple Layer2 hops, between two routers. 

C. UDLD operates at Layer 2 and detects failure of physical links BFD operates at Layer 2 and 
detects failure of a direct link between two routers or switches. 

D. UDLD operates at Layer 3 and detects failure of physical links between adjacent routers. BFD 
operates at Layer 3 and detects failure of a forwarding path, which may transit multiple Layer 2 
hops , between two routers. 

Answer: B 


QUESTION 694 

Which two events occur when a packets is decapsulated in a GRE tunnel? (Choose two.) 

A. The source IPv4 address in the IPv4 payload is used to forward the packet. 

B. The destination IPv4 address in the IPv4 payload is used to forward of the packets. 
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C. The version field of the GRE header is incremented. 

D. The GRE keepalive mechanism is reset. 

E. The TTL of the payload packet is incremented. 

F. The TTL of the payload is discremented. 

Answer: BE 


QUESTION 695 

Which three actions are required when configuration NAT-PT? (Choose three) 

A. Specify a ::/48 prefix that will map to a MAC address. 

B. Specify a::/32 prefix that will map to an IPV6 address. 

C. Specify an IPv6-to-IPv4 translation. 

D. Enable NAT-PT Globally. 

E. Specify a ::/96 prefix that will map to an IPv4 address. 

F. Specify an IPv4-to-IPv6 translation. 

Answer: CEF 


QUESTION 696 

Refer to the exhibit. When a user attempted to log in to R1 via the console, the logon was 
successful but the user was placed in user EXEC mode instead of privileged EXEC mode. 
What action can you take to correct the problem? 


HI 

mmm nww-moOml 

taa tuthintieitlon login lifault lecil 
password O cisco 


A. Configure the privilege level 15 command under line console 0 

B. Configure the username jdoe privilege 15 password 0 cisco command under the global 
configuration 

C. Configure the aaa authentication login default local enable command under the global 
configuration 

D. Configure the enable secret level 15 cisco command under the global configuration 

E. Configure the aaa authentication console command under the global configuration 

Answer: A 

QUESTION 697 

Refer the exhibit. What are two effects of the given network configuration? (Choose two) 
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A. The 192.168.12.0/24 network is added to the R3 database. 

B. R1 and R2 fail to form an adjacency. 

C. R2 and R3 fail to form an adjacency. 

D. R2 advertises the 192.168.23.0/24 network. 

E. R2 advertise the 198.168.23.0/24 network. 

F. The 192.168.12.0/24 network to the R3 route table. 

Answer: CD 


QUESTION 698 

Which two statements are true about IS-IS? (Choose two.) 

A. IS-IS DIS election is nondeterministic. 

B. IS-IS SPF calculation is performed in three phases. 

C. IS-IS works over the data link layer, which does not provide for fragmentation and reassembly. 

D. IS-IS can never be routed beyond the immediate next hop. 

Answer: CD 


QUESTION 699 

Drag and Drop Question 

Drag and drop each IS-IS PDU type from the left onto its purpose on the right. 


1 




1 





OH 


uKtungui thm of tftr R t known m^tibon j 





“■ 1 


Mrm rti*» mabrni of ISP* tfwt»tw Pi nmh In obtmn 1 




PS HP 

1 

w«id« ^ umurv of m% IS » ISK» 


Answer: 
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J 


QUESTION 700 

Drag and Drop Question 

Drag and drop the PPPoE packet type on the left of the corresponding description on the right. 


Drag and drop the PPPoE packet type on the left to the corresponding description on the right. 



PADR 


A packet that is sent with the destination_addr set to the broadcast address. The packet 
indicates the type of service requested 



PADT 


A packet that is sent with the destination_addr set to the unicast address of the PPPoE 
client The packet contains an offer for the client. 


PADO 


A packet that is sent from the PPPoE client with the destinab'on_addr set to the chosen 
access concentrator. 

The packet contains a session request from the client. 



PADI 


A packet that is sent as confirmation to the client. 

The packet contains the unique PPPoE session ID 



PADS 


A packet that is sent to terminate the PPPoE session. 


Answer: 


Drag and drop the PPPoE packet type on the left to the corresponding description on the right. 




PADI 



PADO 


PADR 


PADS 


PADT 


QUESTION 701 

Refer to the exhibit. What is the maximum size of a packet that can be sent successfully from R3 
to 10.1.2.1 without enabling fragmentation? 
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A. 1490 bytes 

B. 1501 bytes 

C. 1480 bytes 

D. 1479 bytes 

E. 1500 bytes 

F. 1521 bytes 

Answer: C 


QUESTION 702 

How are the Cisco Express Forwarding table and the FIB related to each other? 

A. Cisco Express forwarding uses a FIB to make IP destination prefix-based switching decisions 

B. Cisco Express Forwarding table allows route lookups to be forwarded to the route processor 
for processing before they are sent to the FIB 

C. The FIB is used to populate the Cisco Express Forwarding table 

D. There can be only one FIB but multiple Cisco Express forwarding tables on IOS devices 

Answer: A 


QUESTION 703 

Which two statements about BGP PIC are true? (Choose two.) 

A. When the path to a distant PE router charges, PIC is Independent of the number VRFs on the 
router. 

B. It is prefix-dependent for internal routes. 

C. PIC Core supports fast convergence with external neighbor links. 

D. It achieves subsecond convergence in the BGP FIB. 

E. PIC Edge provides fast convergence when an external neighbor node fails. 

Answer: CD 


QUESTION 704 

Refer to the exhibit. Which statement is true? 


Get Latest & Actual Amazon Exam's Question and Answers from Passleader. 


http://www.passleader.com 


267 














Pass Leader* 

Leader of IT Certifications 


Rl#show mpls 12transport vc 100 detail 

Local interface: Fa2/6 up, line protocol up, Ethernet up 
Destination address: 2.2.2.3, VC ID: 100, VC status: up 
Preferred path: Tunnell, active 
Default path: ready 

Tunnel label: 12307, next hop point2point 
Output interface: Tul, imposed label stack {12307 20} 
Create time: 00:00:11, last status change time: 00:00:11 
Signaling protocol: LDP, peer 2.2.2.3:0 up 
MPLS VC labels: local 21, remote 20 
Group ID: local 0, remote 2 
MTU: local 1500, remote 1500 
Remote interface description: 

Sequencing: receive disabled, send disabled 
VC statistics: 

packet totals: receive 1, send 6 
byte totals: receive 368, send 0 

packet drops: receive 0, send 0 


A. R1 is using an MPLS TE tunnel for this pseudowire, because the IP path is not avialable. 

B. The default route 0.0.0.0/0 is available in the IPv4 routing table. 

C. R1 has preferred-path configured for the pseudowire. 

D. R1 routes this pseudowire over MPLS TE tunnell with transport label 20 

Answer: C 


QUESTION 705 

When you implement CoPP on your network, what is its default action? 

A. Drop management ingress traffic to the control plane. 

B. Monitor ingress and egress traffic to the control plane by using access groups that are applied 
to the interface 

C. Block all traffic. 

D. Rate-limit bidirectional traffic to the control plane. 

E. Permit all traffic. 

Answer: E 


QUESTION 706 

Which interior gateway protocol is based on open standards, uses a shortest-path first algorithm, 
provides native support for non-IP Layer 3 protocols, and operates at the data link layer? 

A. EIGRP 

B. IS-IS 

C. OSPF 

D. BGP 

Answer: B 
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QUESTION 707 

Refer to the exhibit. Between which router is an LDP session established? 



A. R1, R2 and R3 

B. R1 and R3 

C. R1 and R2 

D. R2 and R3 

Answer: C 


QUESTION 708 

Which IS-IS process is responsible for flooding local link information to adjacent routers? 

A. update 

B. receive 

C. decision 

D. forward 

Answer: A 


QUESTION 709 

In which way does the Bridge Assurance mechanism modify the default spanning-tree behavior in 
an effort to prevent bridging loops? 

A. If BPDUs are no longer received on a port, the switch immediately sends out a TCN BPDU. 

B. Extended topology information is encoded into all BPDUs 

C. BPDUs are sent bidirectional on all active network ports, including blocked and alternate ports. 

D. Received BPDUs are looped back towards the sender to ensure that the link is bidirectional 

Answer: C 


QUESTION 710 

Which information is contained in an OSPF Type 7 Not-So-Stubby Area NSSA External LSA? 

A. External network address, mask, and cost to reach network that is external to the OSPF 
domain and only within the NSSA 

B. The external network address, mask and cost to reach networks that are external to the OSPF 
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NSSA, including the default route. 

C. The address of routers that connect the current area to other areas and cost to reach those 
routers. 

D. The paths and costs to reach other stub area border routers in the OSPF routing domain 

E. The paths and costs to all OSPF NSSA areas that are external to the current area 

Answer: A 


QUESTION 711 

Refer to the exhibit. The Mainl and Branchl switches are connected directly over an MPLS 
pseudowire, and both run UDLD. After router B1 reloads because of a power failure, the 
pseudowire is restored. However, the Branch 1 switch is unable to reach the Main 1 switch. 
Which two actions can you take to restore connectivity and prevent the problem from recurring? 
(Choose two) 



A. Issue the shutdown and no shutdown commands on both the Branchl switch uplink to the B1 
router and the Main 1 switch's uplink to the Ml router. 

B. Configure a backup GRE tunnel between the Main 1 and Branch 1 switches. 

C. Enable UDLD recovery on both the Main 1 and Branch 1 switches 
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D. Enable errdisable recovery on both the Main 1 and Branch 1 switches. 

E. Configure a backup pseudowire between the Main 1 and Branchl switches 

Answer: AD 
QUESTION 712 

Which statement about Auto-RP is true? 

A. An RP that is tied to a loopback address must be configured. 

B. All interfaces must be configured in sparse mode. 

C. All interfaces must be configured in sparse-dense mode. 

D. All interfaces must be configured in dense mode. 

Answer: C 


QUESTION 713 

Which technology can be used to secure the edge of an STP domain? 

A. root guard 

B. BPDU guard 

C. UplinkFast 

D. BPDU filter 

Answer: A 


QUESTION 714 

Which three features support object tracking? (Choose three) 

A. OSPF 

B. BFD 

C. EEM 

D. HSRP 

E. PfR 

F. vPC 

Answer: CDF 


QUESTION 715 

Which GDOI key is responsible for encrypting control plane traffic? 

A. The traffic encryption key 

B. The key-chain 

C. The preshared key 

D. The key encryption key 

Answer: D 


QUESTION 716 

Which two statements about private VLAN communications are true? (Choose two.) 
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A. Promiscuous ports communicate with all other ports. 

B. Primary VLAN traffic is passed across trunk interfaces. 

C. Promiscuous ports connect only to routers. 

D. Isolated ports communicate with other isolated ports. 

Answer: AB 


QUESTION 717 

Which three options are three of the valid message types for DHCPv6? (Choose three) 

A. Offer 

B. Request 

C. Leave 

D. Solicit 

E. Discover 

F. Advertise 

Answer: BDF 


QUESTION 718 

Which IPv6 migration method allows IPv4-only devices to communicate with IPv6-only devices? 

A. GRE tunnel 

B. dual stack 

C. ISATAP tunnel 

D. NAT64 

Answer: D 


QUESTION 719 

Refer to the exhibit. While troubleshooting an issue with a blocked switch port, you find this error 
in the switch log. Which action should you take first to locate the problem? 



A. Check the attached switch for a BPDU filter. 

B. Test the link for unidirectional failures. 

C. Check the attached switch for an interface configuration issue. 

D. Execute the show interface command to check FastEthernet 0/1. 

Answer: A 


QUESTION 720 

Which three pieces of information are carried in OSPF type-3 LSAs? (Choose three) 
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A. Forwarding address 

B. IP subnet 

C. Subnet mask 

D. Authentication type 

E. External route tag 

F. Metric 

Answer: AEF 


QUESTION 721 

What is one requirement to support the IGMP proxy feature? 

A. Devices on the unidirectional link must be in the same IP subnet. 

B. Devices connected to a unidirectional link must disable Internet access. 

C. IGMP snooping must be disabled. 

D. PIM-DM must be enabled on all unidirectional links. 

Answer: A 


QUESTION 722 

Which routing protocol is incompatible with VRF-lite? 

A. IS-IS 

B. EIGRP 

C. BGP 

D. OSPF 

Answer: A 


QUESTION 723 

Which two statements about GLBP are true? (Choose two) 

A. It allows members to elect up to gateways as the AVG. 

B. It uses Hello, Request, and Reply packet types. 

C. Each GLBP group supports up to 4 MAC addresses. 

D. It communicates to multicast address 224.0.0.18. 

E. It supports stateful switchover. 

Answer: CE 


QUESTION 724 

Refer to the Exhibit. Which two statements about the given MPLS VPN ate true? (Choose two.) 
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A. It includes four CE routers. 

B. Router A and router 1 must be BGP neighbors. 

C. It includes four P routers. 

D. It includes two CEs and two Pes. 

E. Only one connection is outside the ISP network. 

Answer: CD 


QUESTION 725 

Refer to the exhibit. What are two effects of the given configuration?(Choose two) 


interface LoopbackO 

ip address 172.1.1.1 255.255.255.255 
ip pirn dense-mode 
interface FastEthernetO/O 

ip address 192.168.12.1 255.255.255.0 
ip pim dense-mode 
interface FastEthernetO/1 

ip address 192.168.14.1 255.255.255.0 
ip Dim dense-mode 

ip pim bidir-enableip pim send-rp-announce LoopbackO scope 5 group-list 1 bidir 
ip pim send-rp-discovery scope 5 

access-list 1 deny 224.1.1.1 

access-list 1 permit 239.0.0.0 0.255.255.255 


A. Source for the 224.1.1.1 multicast stream will register with 172.1.1.1. 

B. It configures 172.1.1.1 as a spare-mode rendezvous point. 

C. Multicast stream 224.1.1.1 will operate in spare mode. 
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D. It configures 172.1.1.1 as the Bidir-PIM rendezvous point. 

E. Multicast stream 224.1.1.1 will operate in dense mode. 

F. Sources for the 239.1.1.1 multicast stream will register with 172.1.1.1. 

Answer: DF 


QUESTION 726 

Refer to the Exhibit. Which two statements about the R1 configuration are true? (Choose two) 


RlHsho log 

Syslog logging enabled (0 messages dropped, 3 messages rate-llml ced, 0 (lushes. 0 overruns, xml disabled. filtering disabled) 
No Active Messeg* Discriminator 
No Inactive Message Discriminator 

Consol* logging l*v*l debugging. 43 messages logged, xml disabled, filtering disabled 

Monitor logging level debugging 0 messages logged, xml disabled, d 

Buffer* logging" l*v*l debugging. 43 message, logged, xml disabled, filtering disabled 

Exception Logging sire (4096 bytes) 

Count and timestamp logging messages disabled 
persistent logging disabled 

no active filter modules 

Trap logging level informational. 36 ^ 

Logging source-interface VRF Name 




Buffer (81 
000026 
000027 
000030: 
000032: 
000033 
000034 
000033 
000036 
000037 
000038 
000039 
000040 
000041 
000042 
000043 
000044 


III l0 »i« %U 


to «r. ii 'iii m 

I si ailli 
ssisiss 




osrr-* - to 22* o 0 3 area 0 from 10 1 11 

ospr-l hello Eto/o. s on lnt . E fa C . 

oSI , r -l lb, OH/BDH election 

EtO / 0 : Elect BDR10JL 1 
Et0/0: Elect OH 10.1 11 

EtO/0 Elect 

oss-r -1 ADJ etO/O Elec * x , ld) SDR none . 

SgSs^ 

° SP console by console 


OSPr -1 ADJ 
ospr -1 ADJ 
ospr-l ADJ 
OSPf -1 ADJ 
ospr-i adj 
OSPF-l ADJ 


A. Timestamp are disabled for log messages. 

B. The service timestamps log uptime command is configured. 

C. R1 is using the default format for log output. 

D. Sequence numbers and timestamps for log output 

E. The buffer is set to the default size of 4096 bytes. 

Answer: DE 


QUESTION 727 

Which two statements about QoS classification and marking are true? (Choose two) 

A. After classification of a packet, the device can only transmit the packet as is, or discard it 

B. It can classify packets based on their source IP and MAC addresses only 

C. Through the use of traffic policing, CAR provides rate limiting capabilities 

D. CAR is capable of classifying and reclassifying packets as they are processed 

E. It can classify packets based on their source and destination IP and MAC addresses only 

F. CAR rate policies use CoS, IP precedence, and prefix lists to match traffic 

Answer: BF 


QUESTION 728 

Which statement describes the operation of the Generalized TTL Security Mechanism (GTSM), 
used by routing protocols to prevent some types of attack? 
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A. An MD5 hash of the received TTL, source IP, destination IP, protocol, and shared key must 
match 

B. The TTL in a received packet must be a low value (typically 1 -2) 

C. The TTL in a received packet must be a high value (typically 254-255) 

D. Both end systems compute an MD5 hash based on the TTL and a shared secret. If the 
received and local value differ, the packet is dropped 

Answer: C 


QUESTION 729 

What is the mechanism could be used to avoid the problem of TCP Starvation / UDP 
Dominance? 

A. Place UDP traffic in a dedicated traffic-class with the bandwidth keyword configured 

B. Use policy routing to send the UDP and TCP traffic over different paths 

C. Configure QoS to police UDP traffic to the desired volume 

D. WRED to balance TCP and UDP utilization 

Answer: D 


QUESTION 730 

Refer to the exhibit. When it attempted to register the EEM script, the device returned this error 
message. 



Which action can you take to correct the problem? 

A. Configure the end command at the end of the BACKUP EEM policy 

B. Configure the event none command so that the event can be triggered manually 

C. Configure the event action to run the applet 

D. Configure the event manager run command to register the event 

Answer: C 


QUESTION 731 

Which three sets of fields that can be included in a NetFlow export template? (Choose three) 

A. IGP 

B. IPv4 main cache 

C. ODR 

D. BGPPIC 

E. PfR 

F. MPLS labels 
Answer: BDF 


Get Latest & Actual Amazon Exam's Question and Answers from Passleader. 


http://www.passleader.com 


276 
















Pass Leader’ 

Leader of IT Certifications 


QUESTION 732 

Which technology uses MPLS to provide IPv6 connectivity to customers in the core network 
without the need for dual-stack? 

A. 6to4 

B. NAT64 

C. NAT 

D. 6PE 

Answer: D 


QUESTION 733 

Which two statements about MSDP are true? (Choose two) 

A. It is supported both for IPV4 and IPV6 multicast deployments 

B. It is encapsulated into UDP segments 

C. It is encapsulated into PIM packets 

D. It interconnects into PIM-SM domains 

E. MSDP peers are established using multiprotocol BGP 

F. MPLS is required to establish MSDP peering 

Answer: DE 


QUESTION 734 

Which type of QoS is used on the CE device to rate-limit the aggregate traffic towards the WAN 
Ethernet circuit? 

A. CBWFQ 

B. WRED 

C. LLQ 

D. FIFO 

Answer: C 


QUESTION 735 

Which two statements about enhanced object tracking are true?(Choose two) 

A. With HSRP, it can track only the line-protocol state. 

B. It can track over 200 objects at once. 

C. It supports stateful switchover with HSRP 

D. It supports stateful switchover with GLBP 

E. Tracking objects are identified with unique numbers 

Answer: BE 


QUESTION 736 

On a network using DiffServ, which option refers to the actions that applied to a packet as it 
moves through the network? 
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A. DSCP 

B. PHB 

C. Code-point 

D. IP-precedence 

Answer: A 


QUESTION 737 

Which two statements about NetFlow version 9 are true? (Choose two.) 

A. It supports up to two exporters per cache 

B. It supports both encryption and authentication 

C. It supports up to six exporters per cache 

D. It supports export over TCP and UDP 

E. It supports export over UDP only 

F. Each flow monitor supports up to 10 exporters 

Answer: DF 


QUESTION 738 

Which two BGP attributes are optional non-transitive attributes? (Choose two.) 

A. Weight 

B. MED 

C. Local preference 

D. Cluster list 

E. AS path 

Answer: BD 


QUESTION 739 

When is it useful to disable split horizon on an EIGRP interface? 

A. It is never advisable to disable split horizon on an EIGRP interface. 

B. Disable it when you want to send routes that are learned from another routing protocol to 
peers on the same interface. 

C. Disable it when you need to send updates to peers on the interface on which the updates 
were received. 

D. Disable it when you want to provide additional backup paths in your network 

Answer: C 


QUESTION 740 

Drag and Drop Question 

Drag and drop the OTV component on the left to the function it performs on the right. 
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edge device 


elected by the OTV to provide loop-free multihoming 



join interface 


connects VLANs to be extended 



internal interface 


receives local OTV hello messages 



overlay interface 


provides an uplink to the overlay network 



site VLAN 


encapsulates layer 2 frames within an IP header 



authoritative edge device 


connects a site to an overlay network 

Answer: 

authoritative edge device 




internal interface 


site VLAN 




join interface 


overlay interface 




edge device 

QUESTION 741 

Drag and Drop Question 


Drag and drop the OSPF network type on the left to the correct category of timers on the right. 
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Point-to-Point 


Loopback 


Point-to-MuItipoint Nonbroadcast 


Broadcast 



Point-to-Multipoint 


Nonbroadcast 



Answer: 


H ello 10, Dead 40, Wait 40 


Point-to-Point 


Broadcast 


NQD£_ 


Loopback 


H ello 30. Dead 120. Wart: 120 


Point-to-Multipoint Nonbroadcast 


Point-to-Multipoint 


Nonbroadcast 


QUESTION 742 

Drag and Drop Question 

Drag each statement about EtherChannel protocols on the left to the matching EtherChannel 
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protocol on the right. 


A Cisco Proprietary protocol. 


Supports 8 ports n a port group, with aH active. 


Supports auto and desrable configuration modes. 


Supported by the IEEE 802.3ad protocol. 


Supports 16 ports in a port group, with 8 active. 


Supports active and passive configuration modes. 




Answer: 


A Cisco Proprietary protocol. 


Supports 8 ports in a port group, with all active. 


Supports auto and desirable configuration modes. 


Supported by the IEEE 802.3ad protocol. 


Supports 16 ports in a port group, with 8 active. 


Supports active and passive configuration modes, 



Supports active and passive configuration modes, 


QUESTION 743 

Which two statements about logging are true? (Choose two) 

A. When you enable sequence numbers, the date timestamp is disabled automatically by default 

B. A log message can include both uptime and the date timestamps 

C. A log message's facility value indicates the hardware on which the log message was generated 
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D. Logs can be displayed on the console or on a remote terminal 

E. Log messages include a mnemonic that describes the message 

F. The mnemonic can refer to a hardware device, a protocol, or a software module 

Answer: AE 


QUESTION 744 

Which two loops-prevention mechanisms are implemented in BGP? (Choose two) 

A. The command bgp bestpath as-path-ignore enables the strict checking of AS_PATH so that they 
drop routes with their own AS in the AS_PATH. 

B. A route with its own cluster ID in the CKUSTERJJST is dropped automatically when the route 
reenters its own AS. 

C. The command bgpbestpath med missing-as-worst assigns the smallest possible MED, which 
directly prevents a loop. 

D. The command bgpallowa-in enables a route with its own AS_PATH to be dropped when it 
reenters its own AS 

E. A route with its own AS in the AS_PATH is dropped automatically if the routereenters its own AS. 

Answer: BE 


QUESTION 745 

Which two statements about debugging on Cisco routers are true? (Choose two) 

A. Using console logging can reduce the performance impact of the debug command 

B. The debug command can be run in privileged exec mode only 

C. By default, the router logs debug command output to vty lines 

D. The terminal monitor command copies debug output to the terminal 

E. The debug ip packet command can debug IP traffic that is fast-switched on the router 

F. The debug command can be run in user exec mode 

Answer: BD 


QUESTION 746 

Which two statements about QoS and marking are true? (Choose two) 

A. The set-discard-class command can be configured for ATM and MPLS protocols 

B. It can use a table map to mark traffic 

C. It requires Cisco Express forwarding to be enabled on the sending interface and the receiving 
interface 

D. It is supported on tunnel interfaces 

E. It is supported on Fast EthernetChannel and ATM SVC interfaces 

Answer: CD 


QUESTION 747 

Refer to the exhibit. Which statement correctly describes how a router with this configuration 
treats packets that matches access-list 144 if it does not know a path to 172.16.12.5, and does 
not know a path 192.168.3.2? 
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interface ethernet 0/0 
ip policy route-«ar PBP 

tout*-nap PBR 

match i]> .iddefsa 1^4 

set ip next hop ri2.1£.l— & 

I, 9 <?t- ip next hop recuinive IS?.. 168. 

A. It send an ICMP source quench message. 

B. It drops the packet immediately. 

C. It routes the packet into a loop and drops it when the TTL reaches zero. 

D. It routes the packet based on the packet's destination using the routing table. 

Answer: D 
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